RedHatTraining/business-process-apps-training-lab.git

Including reference to the local nexus repo

Ricardo Jun

2018-11-08 aac89fbd5bbd16d64ac805220d540c8eb73af013

commit \| author \| age
945ada	1	apiVersion: v1
RJ	2	kind: Template
	3	labels:
	4	template: rhdm7-full-ng
	5	xpaas: 1.4.0
	6	message: A new persistent Decision Manager applications have been created in your project.
	7	The username/password for accessing the KIE Server / Decision Central interface is ${KIE_ADMIN_USER}/${KIE_ADMIN_PWD}.
	8	Please be sure to create the "decisioncentral-service-account" and "kieserver-service-account" service accounts
	9	and the secrets named "${DECISION_CENTRAL_HTTPS_SECRET}" and "${KIE_SERVER_HTTPS_SECRET}" containing the
	10	${DECISION_CENTRAL_HTTPS_KEYSTORE} and ${KIE_SERVER_HTTPS_KEYSTORE}files used for serving secure content.
	11	metadata:
	12	annotations:
	13	description: Application template for Red Hat JBoss Decision Management 7.0.
	14	iconClass: icon-jboss
	15	openshift.io/display-name: Red Hat Decision Manager 7.0 applications (Persistent with https)
	16	tags: rhdm,jboss,xpaas
	17	version: 1.4.0
	18	name: rhdm7-full-ng
	19	objects:
	20	# dtorresf: Adding the service account and secrets to the template.
	21	# I like having a more centralized approach for all the required assets to
	22	# instantiate the environment, instead of having to break into different
	23	# execution steps.
	24	- kind: ServiceAccount
	25	apiVersion: v1
	26	metadata:
	27	name: decisioncentral-service-account
	28	labels:
	29	application: "${APPLICATION_NAME}"
	30	secrets:
	31	- name: decisioncentral-app-secret
	32	- kind: Secret
	33	apiVersion: v1
	34	metadata:
	35	annotations:
	36	description: Default secret file with name 'jboss' and password 'mykeystorepass'
	37	name: decisioncentral-app-secret
	38	labels:
	39	application: "${APPLICATION_NAME}"
	40	data:
	41	keystore.jks: "/u3+7QAAAAIAAAABAAAAAQAFamJvc3MAAAFNbVtLLAAABQMwggT/MA4GCisGAQQBKgIRAQEFAASCBOsxl4wqa+E+XP8+qMZY9XLhvKrRX8V1MHdwFZQaLTEVURCizqYXoMnbhtfV0oMAUFsE7013TTA9Q2l+pSs+cqz6HH/vwjEEIkqJx5wD8WcD/bu9e9F9EHQ+zrjZFmpMFvXsvj9+ux1o/YLBDGY3kd4MoDcJy0yJ/ZpzNYLkXanlrMhWqxC7MAliCBsdyVgNn5RFb4Nn+JZgJuNSIGo/K292+0IFaFv9vsXbX889W9HPCvfO0mQIzoy8In0NhzdKli/67y4kbDkWaI0fRONckZTxNpxn6rMc0nN9zKrGVToLxj1Ufcoj/tCvR8agtPpv7KIWUqBYDg83ad+i4EE5XYISovlsl6RmtrrTb39PJcL86+wJ+x2ZrLuyzh6C9sAOdSBiKt/DY97ICIYltRMrb+cNwWdnJvT+PeYvv3vKo7YThha+akoJDjsWMp1HWpbIC9zg9ZjugU+/ao6nHtmoZmCaYjLuEE+sYl5s179uyQjE3LRc+0cVY2+bYCOD6P6JLH9GdfjkR40OhjryiWy2Md6vAGaATh6kjjreRHfSie4KCgIZx9Ngb1+uAwauYSM8d9OIwT5lRmLd4Go9CaFXtFdq/IZv3x5ZEPVqMjxcq0KXcs1QcfK3oSYL/rrkxXxKFTrd0N3KgvwATWx/KS90tdHBg65dF3PpBjK1AYQL3Q7KV3t45SVyYHd92TUsaduY1nUQk4TukNC8l9f8xYVeOFXoFHZRx9edqn8fjDMmCYn5PTPNuMPHQm7nKxeWhV2URY5jt774gmvHLNcXeEgrM7US81wOvs2y1jY/paJWn+OACf2x2a75MWFFkZH67bZoh9pPWAwOUEtegXTL5QVicHjzZrop8Qb7K7hlGgD0RP5YYOFYF4DD+SL5BHKr6fw/LS6MMJaK1wKsJd0oGg9HcHXjph9Kb+mqXrQ54C1KI42LpFftU3DCg8wGoqvg/zO/UtVeHX3rBZDUIkeQrCULEkki9oL5diDxe9mNx9Qua5FJ6FJGIffQmsC4b0+Xys6NyqUu1aeWLcAPA/5hcs6ZTiSRTHTBe3vxapyBjnAL5uij4ILbWbEGH1e0mAHBeiihRx+w4oxH4OGCvXOhwIDHETLJJUcnJe1CouECdqdfVy/eEsIfiEheVs8OwogJLiWgzB7PoebXM4SKsAWL3NcDtC1LV3KuPgFuTDH7MjPIR83eSxkKlJLMNGfEpUHyg+lm7aJ98PVIS+l1YV9oUzLfbo3S6S2sMjVgyviS90vNIPo5JOTEFHsg5aWJNHL0OV4zRUeILzwwdQz+VkTk9DobnkLWUeLnwUNWheOpaQh79Mk0IfwfLj4D0Vx9p+PShKKZCGs0wjckmCFBM5Pc1x2lwMdaP5yATzrw+jUc+/3UY4PF/4Ya66m/DRsBKEcXjVAHcTce6OdNdGlBNT8VgkxPiylwO8hvyvpf6j+wdb9iXi6eOnk0AiEJ6mUAXs/eyDD/cqQjnUBKRGLQUSdHhvtpw8RfvyVhAAxNOnBsOT0WYol9iK6pSclGTF5mZleASRzZhH69GgdebfFhXimb0j/wYj3uLgf6mrKMDwlrXJ80SiWkXxd5TX/7XtB9lbPzNpaR12M8U8UVg16VOtMwCR2Gss2vmhqQnQFLsUsAKcYM0TRp1pWqbzpGebCvJkVWiIYocN3ZI1csAhGX3G86ewAAAAEABVguNTA5AAADeTCCA3UwggJdoAMCAQICBGekovEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMB4XDTE1MDUxOTE4MDYxOFoXDTE1MDgxNzE4MDYxOFowazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zbGtem+If//jw0OTszIcpX4ydOCC0PeqktulYkm4pG0qEVBB+HuMj7yeTBc1KCDl2xm+Q6LPeTzUufk7BXFEg4Ru1l3PSW70LyJBfHy5ns0dYE5M1I0Avv9rvjgC1VTsiBmdXh+tIIQDPknIKpWpcs79XPOURGLvuGjfyj08EZWFvAZzYrk3lKwkceDHpYYb5i+zxFRz5K6of/h9gQ9CzslqNd7uxxvyy/yTtNFk2J797Vk3hKtbiATqc9+egEHcEQrzADejPYol5ke3DA1NPRBqFGku5n215i2eYzYvVV1xmifID/3lzvNWN0bWlOxl74VsPnWa/2JPP3hZ6p5QIDAQABoyEwHzAdBgNVHQ4EFgQURLJKk/gaSrMjDyX8iYtCzPtTBqAwDQYJKoZIhvcNAQELBQADggEBAA4ESTKsWevv40hFv11t+lGNHT16u8Xk+WnvB4Ko5sZjVhvRWTTKOEBE5bDYfMhf0esn8gg0B4Qtm4Rb5t9PeaG/0d6xxD0BIV6eWihJVtEGOH47Wf/UzfC88fqoIxZ6MMBPik/WeafvOK+HIHfZSwAmqlXgl4nNVDdMNHtBhNAvikL3osxrSbqdi3eyI7rqSpb41Lm9v+PF+vZTOGRQf22Gq30/Ie85DlqugtRKimWHJYL2HeL4ywTtQKgde6JDRCOHwbDcsl6CbMjugt3yyI7Yo9EJdKb5p6YoVOpnCz7369W9Uim+Xrl2ELZWM5WTiQFxd6S36Ql2TUk+s8zj/GoN9ov0Y/yNNCxAibwyzo94N+Q4vA=="
	42	- kind: ServiceAccount
	43	apiVersion: v1
	44	metadata:
	45	name: kieserver-service-account
	46	labels:
	47	application: "${APPLICATION_NAME}"
	48	secrets:
	49	- name: kieserver-app-secret
	50	- kind: Secret
	51	apiVersion: v1
	52	metadata:
	53	annotations:
	54	description: Default secret file with name 'jboss' and password 'mykeystorepass'
	55	name: kieserver-app-secret
	56	labels:
	57	application: "${APPLICATION_NAME}"
	58	data:
	59	keystore.jks: "/u3+7QAAAAIAAAABAAAAAQAFamJvc3MAAAFNbVtLLAAABQMwggT/MA4GCisGAQQBKgIRAQEFAASCBOsxl4wqa+E+XP8+qMZY9XLhvKrRX8V1MHdwFZQaLTEVURCizqYXoMnbhtfV0oMAUFsE7013TTA9Q2l+pSs+cqz6HH/vwjEEIkqJx5wD8WcD/bu9e9F9EHQ+zrjZFmpMFvXsvj9+ux1o/YLBDGY3kd4MoDcJy0yJ/ZpzNYLkXanlrMhWqxC7MAliCBsdyVgNn5RFb4Nn+JZgJuNSIGo/K292+0IFaFv9vsXbX889W9HPCvfO0mQIzoy8In0NhzdKli/67y4kbDkWaI0fRONckZTxNpxn6rMc0nN9zKrGVToLxj1Ufcoj/tCvR8agtPpv7KIWUqBYDg83ad+i4EE5XYISovlsl6RmtrrTb39PJcL86+wJ+x2ZrLuyzh6C9sAOdSBiKt/DY97ICIYltRMrb+cNwWdnJvT+PeYvv3vKo7YThha+akoJDjsWMp1HWpbIC9zg9ZjugU+/ao6nHtmoZmCaYjLuEE+sYl5s179uyQjE3LRc+0cVY2+bYCOD6P6JLH9GdfjkR40OhjryiWy2Md6vAGaATh6kjjreRHfSie4KCgIZx9Ngb1+uAwauYSM8d9OIwT5lRmLd4Go9CaFXtFdq/IZv3x5ZEPVqMjxcq0KXcs1QcfK3oSYL/rrkxXxKFTrd0N3KgvwATWx/KS90tdHBg65dF3PpBjK1AYQL3Q7KV3t45SVyYHd92TUsaduY1nUQk4TukNC8l9f8xYVeOFXoFHZRx9edqn8fjDMmCYn5PTPNuMPHQm7nKxeWhV2URY5jt774gmvHLNcXeEgrM7US81wOvs2y1jY/paJWn+OACf2x2a75MWFFkZH67bZoh9pPWAwOUEtegXTL5QVicHjzZrop8Qb7K7hlGgD0RP5YYOFYF4DD+SL5BHKr6fw/LS6MMJaK1wKsJd0oGg9HcHXjph9Kb+mqXrQ54C1KI42LpFftU3DCg8wGoqvg/zO/UtVeHX3rBZDUIkeQrCULEkki9oL5diDxe9mNx9Qua5FJ6FJGIffQmsC4b0+Xys6NyqUu1aeWLcAPA/5hcs6ZTiSRTHTBe3vxapyBjnAL5uij4ILbWbEGH1e0mAHBeiihRx+w4oxH4OGCvXOhwIDHETLJJUcnJe1CouECdqdfVy/eEsIfiEheVs8OwogJLiWgzB7PoebXM4SKsAWL3NcDtC1LV3KuPgFuTDH7MjPIR83eSxkKlJLMNGfEpUHyg+lm7aJ98PVIS+l1YV9oUzLfbo3S6S2sMjVgyviS90vNIPo5JOTEFHsg5aWJNHL0OV4zRUeILzwwdQz+VkTk9DobnkLWUeLnwUNWheOpaQh79Mk0IfwfLj4D0Vx9p+PShKKZCGs0wjckmCFBM5Pc1x2lwMdaP5yATzrw+jUc+/3UY4PF/4Ya66m/DRsBKEcXjVAHcTce6OdNdGlBNT8VgkxPiylwO8hvyvpf6j+wdb9iXi6eOnk0AiEJ6mUAXs/eyDD/cqQjnUBKRGLQUSdHhvtpw8RfvyVhAAxNOnBsOT0WYol9iK6pSclGTF5mZleASRzZhH69GgdebfFhXimb0j/wYj3uLgf6mrKMDwlrXJ80SiWkXxd5TX/7XtB9lbPzNpaR12M8U8UVg16VOtMwCR2Gss2vmhqQnQFLsUsAKcYM0TRp1pWqbzpGebCvJkVWiIYocN3ZI1csAhGX3G86ewAAAAEABVguNTA5AAADeTCCA3UwggJdoAMCAQICBGekovEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMB4XDTE1MDUxOTE4MDYxOFoXDTE1MDgxNzE4MDYxOFowazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zbGtem+If//jw0OTszIcpX4ydOCC0PeqktulYkm4pG0qEVBB+HuMj7yeTBc1KCDl2xm+Q6LPeTzUufk7BXFEg4Ru1l3PSW70LyJBfHy5ns0dYE5M1I0Avv9rvjgC1VTsiBmdXh+tIIQDPknIKpWpcs79XPOURGLvuGjfyj08EZWFvAZzYrk3lKwkceDHpYYb5i+zxFRz5K6of/h9gQ9CzslqNd7uxxvyy/yTtNFk2J797Vk3hKtbiATqc9+egEHcEQrzADejPYol5ke3DA1NPRBqFGku5n215i2eYzYvVV1xmifID/3lzvNWN0bWlOxl74VsPnWa/2JPP3hZ6p5QIDAQABoyEwHzAdBgNVHQ4EFgQURLJKk/gaSrMjDyX8iYtCzPtTBqAwDQYJKoZIhvcNAQELBQADggEBAA4ESTKsWevv40hFv11t+lGNHT16u8Xk+WnvB4Ko5sZjVhvRWTTKOEBE5bDYfMhf0esn8gg0B4Qtm4Rb5t9PeaG/0d6xxD0BIV6eWihJVtEGOH47Wf/UzfC88fqoIxZ6MMBPik/WeafvOK+HIHfZSwAmqlXgl4nNVDdMNHtBhNAvikL3osxrSbqdi3eyI7rqSpb41Lm9v+PF+vZTOGRQf22Gq30/Ie85DlqugtRKimWHJYL2HeL4ywTtQKgde6JDRCOHwbDcsl6CbMjugt3yyI7Yo9EJdKb5p6YoVOpnCz7369W9Uim+Xrl2ELZWM5WTiQFxd6S36Ql2TUk+s8zj/GoN9ov0Y/yNNCxAibwyzo94N+Q4vA=="
	60	- kind: Service
	61	apiVersion: v1
	62	spec:
	63	ports:
	64	- port: 8080
	65	targetPort: 8080
	66	selector:
	67	deploymentConfig: "${APPLICATION_NAME}-rhdmcentr"
	68	metadata:
	69	name: "${APPLICATION_NAME}-rhdmcentr"
	70	labels:
	71	application: "${APPLICATION_NAME}"
	72	annotations:
	73	description: The Decision Central web server's http port.
	74	- kind: Service
	75	apiVersion: v1
	76	spec:
	77	ports:
	78	- port: 8443
	79	targetPort: 8443
	80	selector:
	81	deploymentConfig: "${APPLICATION_NAME}-rhdmcentr"
	82	metadata:
	83	name: secure-${APPLICATION_NAME}-rhdmcentr
	84	labels:
	85	application: "${APPLICATION_NAME}"
	86	annotations:
	87	description: The Decision Central web server's https port.
	88	- kind: Service
	89	apiVersion: v1
	90	spec:
	91	ports:
	92	- port: 8080
	93	targetPort: 8080
	94	selector:
	95	deploymentConfig: "${APPLICATION_NAME}-kieserver"
	96	metadata:
	97	name: "${APPLICATION_NAME}-kieserver"
	98	labels:
	99	application: "${APPLICATION_NAME}"
	100	annotations:
	101	description: The KIE server web server's http port.
	102	- kind: Service
	103	apiVersion: v1
	104	spec:
	105	ports:
	106	- port: 8443
	107	targetPort: 8443
	108	selector:
	109	deploymentConfig: "${APPLICATION_NAME}-kieserver"
	110	metadata:
	111	name: secure-${APPLICATION_NAME}-kieserver
	112	labels:
	113	application: "${APPLICATION_NAME}"
	114	annotations:
	115	description: The KIE server web server's https port.
	116	- apiVersion: v1
	117	kind: Service
	118	metadata:
	119	annotations:
	120	description: The nodejs web server's http port for the angular application demo.
	121	labels:
	122	application: ${APPLICATION_NAME}
	123	# dtorresf: Now the angular2 application does not only is integrated with the
	124	# mortgages kie container, but also with the other kie containers:
	125	# customer-greeting, mortgages and policy-quote
	126	name: ${APPLICATION_NAME}-ng-dmf
	127	spec:
	128	ports:
	129	- port: 8080
	130	targetPort: 8080
	131	selector:
	132	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	133	- kind: Route
	134	apiVersion: v1
	135	id: "${APPLICATION_NAME}-rhdmcentr-http"
	136	metadata:
	137	name: "${APPLICATION_NAME}-rhdmcentr"
	138	labels:
	139	application: "${APPLICATION_NAME}"
	140	annotations:
	141	description: Route for Decision Central's http service.
	142	haproxy.router.openshift.io/timeout: 60s
	143	spec:
	144	host: "${DECISION_CENTRAL_HOSTNAME_HTTP}"
	145	to:
	146	name: "${APPLICATION_NAME}-rhdmcentr"
	147	- kind: Route
	148	apiVersion: v1
	149	id: "${APPLICATION_NAME}-rhdmcentr-https"
	150	metadata:
	151	name: secure-${APPLICATION_NAME}-rhdmcentr
	152	labels:
	153	application: "${APPLICATION_NAME}"
	154	annotations:
	155	description: Route for Decision Central's https service.
	156	haproxy.router.openshift.io/timeout: 60s
	157	spec:
	158	host: "${DECISION_CENTRAL_HOSTNAME_HTTPS}"
	159	to:
	160	name: secure-${APPLICATION_NAME}-rhdmcentr
	161	tls:
	162	termination: passthrough
	163	- kind: Route
	164	apiVersion: v1
	165	id: "${APPLICATION_NAME}-kieserver-http"
	166	metadata:
	167	name: "${APPLICATION_NAME}-kieserver"
	168	labels:
	169	application: "${APPLICATION_NAME}"
	170	annotations:
	171	description: Route for KIE server's http service.
	172	spec:
	173	host: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
	174	to:
	175	name: "${APPLICATION_NAME}-kieserver"
	176	- kind: Route
	177	apiVersion: v1
	178	id: "${APPLICATION_NAME}-kieserver-https"
	179	metadata:
	180	name: secure-${APPLICATION_NAME}-kieserver
	181	labels:
	182	application: "${APPLICATION_NAME}"
	183	annotations:
	184	description: Route for KIE server's https service.
	185	spec:
	186	host: "${EXECUTION_SERVER_HOSTNAME_HTTPS}"
	187	to:
	188	name: secure-${APPLICATION_NAME}-kieserver
	189	tls:
	190	termination: passthrough
	191	- apiVersion: v1
	192	id: ${APPLICATION_NAME}-ng-dmf-http
	193	kind: Route
	194	metadata:
	195	annotations:
	196	description: Route for nodejs mortgages http service.
	197	labels:
	198	application: ${APPLICATION_NAME}
	199	name: ${APPLICATION_NAME}-ng-dmf
	200	spec:
	201	host: ${DECISION_CENTRAL_HOSTNAME_HTTP}
	202	to:
	203	name: ${APPLICATION_NAME}-ng-dmf
	204
	205
	206	- apiVersion: v1
	207	kind: DeploymentConfig
	208	metadata:
	209	labels:
	210	application: ${APPLICATION_NAME}
	211	name: ${APPLICATION_NAME}-rhdmcentr
	212	spec:
	213	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	214	paused: true
	215	replicas: 1
	216	selector:
	217	deploymentConfig: ${APPLICATION_NAME}-rhdmcentr
	218	strategy:
	219
	220	# When redeploying, a new decision central deployment will fail if set to rolling because the Lucene indexer cannot obtain a lock on a file, as the lock is held by the current deployment
	221	type: Recreate
	222
	223	template:
	224	metadata:
	225	labels:
	226	application: ${APPLICATION_NAME}
	227	deploymentConfig: ${APPLICATION_NAME}-rhdmcentr
	228	name: ${APPLICATION_NAME}-rhdmcentr
	229	spec:
	230	containers:
	231	- env:
	232	# Can expect -Xmx of 2458MB based on 3Gi memory limit
	233	- name: JAVA_MAX_MEM_RATIO
	234	value: "80"
	235	- name: JAVA_INITIAL_MEM_RATIO
	236	value: "0"
	237	- name: GC_MAX_METASPACE_SIZE
	238	value: "500"
	239	- name: KIE_ADMIN_PWD
	240	value: "${KIE_ADMIN_PWD}"
	241	- name: KIE_ADMIN_USER
	242	value: "${KIE_ADMIN_USER}"
	243	- name: KIE_MBEANS
	244	value: "${KIE_MBEANS}"
	245	- name: KIE_SERVER_CONTROLLER_PWD
	246	value: "${KIE_SERVER_CONTROLLER_PWD}"
	247	- name: KIE_SERVER_CONTROLLER_USER
	248	value: "${KIE_SERVER_CONTROLLER_USER}"
	249
	250
	251	# Default is http:
	252	# When KIE server is bounced, idled or rescheduled, the new instance will register with Decision Central, but the old, no longer existing instance is not removed from the server list by Decision Central.
	253	# As a result, Decision Central has stale entries.
	254	# When sing WebSockets as protocol, when a KIE server disappears, this is detected by Decision Central, and the server is removed from the server list.
	255	- name: KIE_SERVER_CONTROLLER_PROTOCOL
	256	value: ws
	257
	258
	259	- name: KIE_SERVER_PWD
	260	value: "${KIE_SERVER_PWD}"
	261	- name: KIE_SERVER_USER
	262	value: "${KIE_SERVER_USER}"
	263	- name: HTTPS_KEYSTORE_DIR
	264	value: "/etc/decisioncentral-secret-volume"
	265	- name: HTTPS_KEYSTORE
	266	value: "${DECISION_CENTRAL_HTTPS_KEYSTORE}"
	267	- name: HTTPS_NAME
	268	value: "${DECISION_CENTRAL_HTTPS_NAME}"
	269	- name: HTTPS_PASSWORD
	270	value: "${DECISION_CENTRAL_HTTPS_PASSWORD}"
	271	- name: ADMIN_USERNAME
	272	value: "${ADMIN_USERNAME}"
	273	- name: ADMIN_PASSWORD
	274	value: "${ADMIN_PASSWORD}"
	275	- name: PROBE_IMPL
	276	value: probe.eap.jolokia.EapProbe
	277	- name: PROBE_DISABLE_BOOT_ERRORS_CHECK
	278	value: 'true'
	279	# dtorresf: Enable ssh access through external tools like JBDS
	280	- name: JAVA_OPTS_APPEND
	281	value: '-Dorg.uberfire.nio.git.ssh.algorithm=RSA -Dorg.uberfire.nio.git.ssh.host=0.0.0.0'
	282	image: rhdm70-decisioncentral-openshift:1.1
	283	imagePullPolicy: Always
	284	livenessProbe:
	285	exec:
	286	command:
	287	- /bin/bash
	288	- -c
	289	- /opt/eap/bin/livenessProbe.sh
	290
	291	# JA Bride: Bumping up resources
	292	resources:
	293	limits:
	294	cpu: "1"
	295	# Utilized when determining -XmX
	296	memory: 3Gi
	297	requests:
	298	cpu: "1"
	299	memory: 2Gi
	300
	301	name: ${APPLICATION_NAME}-rhdmcentr
	302	ports:
	303	- containerPort: 8778
	304	name: jolokia
	305	protocol: TCP
	306	- containerPort: 8080
	307	name: http
	308	protocol: TCP
	309	- containerPort: 8443
	310	name: https
	311	protocol: TCP
	312	readinessProbe:
	313	exec:
	314	command:
	315	- /bin/bash
	316	- -c
	317	- /opt/eap/bin/readinessProbe.sh
	318	volumeMounts:
	319	- mountPath: /etc/decisioncentral-secret-volume
	320	name: decisioncentral-keystore-volume
	321	readOnly: true
	322	- name: "${APPLICATION_NAME}-rhdmcentr-pvol"
	323	mountPath: "/opt/eap/standalone/data/bpmsuite"
	324	serviceAccountName: decisioncentral-service-account
	325	terminationGracePeriodSeconds: 60
	326	volumes:
	327	- name: decisioncentral-keystore-volume
	328	secret:
	329	secretName: ${DECISION_CENTRAL_HTTPS_SECRET}
	330	- name: "${APPLICATION_NAME}-rhdmcentr-pvol"
	331	persistentVolumeClaim:
	332	claimName: "${APPLICATION_NAME}-rhdmcentr-claim"
	333	triggers:
	334	- imageChangeParams:
	335	automatic: true
	336	containerNames:
	337	- ${APPLICATION_NAME}-rhdmcentr
	338	from:
	339	kind: ImageStreamTag
	340	name: rhdm70-decisioncentral-openshift:1.1
	341	namespace: ${RHT_IMAGE_STREAM_NAMESPACE}
	342	type: ImageChange
	343	- type: ConfigChange
	344
	345	# JA Bride: Defining a BC to layer custom run script on kieserver image
	346	- apiVersion: v1
	347	kind: BuildConfig
	348	metadata:
	349	labels:
	350	application: ${APPLICATION_NAME}
	351	name: ${APPLICATION_NAME}-custom-kieserver
	352	spec:
	353	output:
	354	to:
	355	kind: ImageStreamTag
	356	name: custom-kieserver:latest
	357	postCommit: {}
	358
	359	# JA Bride: Bumping up limit and request so tht node app builds in a timely manner without timing out
	360	resources:
	361	limits:
	362	cpu: "1"
	363	memory: 1Gi
	364	requests:
	365	cpu: "1"
	366	memory: 1Gi
	367
	368	# JA Bride: The BPM exec server build config object is comprised of the bpmsuite7 exec server layered with the source code of this project.
	369	# The only thing this project source code does is provide a run script to customize the standalone-openshift.xml config file of JBoss EAP.
	370	runPolicy: Serial
	371	source:
	372	contextDir: exec-server
	373	git:
	374	ref: master
	375	type: Git
6ce72f	376	uri: http://services.lab.example.com/bxms_decision_mgmt_foundations_lab/
945ada	377	strategy:
RJ	378	sourceStrategy:
	379	from:
	380	kind: ImageStreamTag
	381	name: rhdm70-kieserver-openshift:1.1
	382	namespace: ${RHT_IMAGE_STREAM_NAMESPACE}
	383	type: Source
	384	triggers:
	385	- type: ImageChange
	386	- type: ConfigChange
	387
	388	# JA Bride: imagestream for customized kieserver created from BC resource defined in this template
	389	- apiVersion: v1
	390	kind: ImageStream
	391	metadata:
	392	labels:
	393	application: ${APPLICATION_NAME}
	394	name: custom-kieserver
	395	spec:
	396	lookupPolicy:
	397	local: false
	398
	399	# dtorresf: Having the ConfigMap in the same template to reduce instantiation steps
	400	- apiVersion: v1
	401	kind: ConfigMap
	402	data:
	403	undertow-cors.cli: >
	404	batch
	405
	406	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Origin:add(header-name="Access-Control-Allow-Origin",
	407	header-value="*")
	408
	409	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Origin/:add()
	410
	411	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Methods:add(header-name="Access-Control-Allow-Methods",
	412	header-value="GET, POST, OPTIONS, PUT, DELETE")
	413
	414	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Methods/:add()
	415
	416	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Headers:add(header-name="Access-Control-Allow-Headers",
	417	header-value="accept, authorization, content-type, x-requested-with")
	418
	419	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Headers/:add()
	420
	421	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Credentials:add(header-name="Access-Control-Allow-Credentials",
	422	header-value="true")
	423
	424	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Credentials/:add()
	425
	426	/subsystem=undertow/configuration=filter/response-header=Access-Control-Max-Age:add(header-name="Access-Control-Max-Age",
	427	header-value="2")
	428
	429	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Max-Age/:add()
	430
	431	run-batch
	432	metadata:
	433	labels:
	434	application: ${APPLICATION_NAME}
	435	name: undertow-cors
	436
	437	- apiVersion: v1
	438	kind: DeploymentConfig
	439	metadata:
	440	labels:
	441	application: ${APPLICATION_NAME}
	442	name: ${APPLICATION_NAME}-kieserver
	443	spec:
	444	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	445	paused: true
	446	replicas: 1
	447	selector:
	448	deploymentConfig: ${APPLICATION_NAME}-kieserver
	449	strategy:
	450	# https://github.com/redhat-gpe/bxms_decision_mgmt_foundations/issues/39
	451	type: Rolling
	452	template:
	453	metadata:
	454	labels:
	455	application: ${APPLICATION_NAME}
	456	deploymentConfig: ${APPLICATION_NAME}-kieserver
	457	name: ${APPLICATION_NAME}-kieserver
	458	spec:
	459	containers:
	460	- env:
	461	# Can expect -Xmx of 1600MB based on 2Gi memory limit
	462	- name: JAVA_MAX_MEM_RATIO
	463	value: "80"
	464	- name: JAVA_INITIAL_MEM_RATIO
	465	value: "0"
	466	- name: DROOLS_SERVER_FILTER_CLASSES
	467	value: "${DROOLS_SERVER_FILTER_CLASSES}"
	468	- name: KIE_ADMIN_PWD
	469	value: "${KIE_ADMIN_PWD}"
	470	- name: KIE_ADMIN_USER
	471	value: "${KIE_ADMIN_USER}"
	472	- name: KIE_MBEANS
	473	value: "${KIE_MBEANS}"
	474	- name: KIE_SERVER_BYPASS_AUTH_USER
	475	value: "${KIE_SERVER_BYPASS_AUTH_USER}"
	476	- name: KIE_SERVER_CONTROLLER_PWD
	477	value: "${KIE_SERVER_CONTROLLER_PWD}"
	478	- name: KIE_SERVER_CONTROLLER_SERVICE
	479	value: "${APPLICATION_NAME}-rhdmcentr"
	480	- name: KIE_SERVER_CONTROLLER_USER
	481	value: "${KIE_SERVER_CONTROLLER_USER}"
	482
	483
	484	# Default is http:
	485	# When KIE server is bounced, idled or rescheduled, the new instance will register with Decision Central, but the old, no longer existing instance is not removed from the server list by Decision Central.
	486	# As a result, Decision Central has stale entries.
	487	# When sing WebSockets as protocol, when a KIE server disappears, this is detected by Decision Central, and the server is removed from the server list.
	488	- name: KIE_SERVER_CONTROLLER_PROTOCOL
	489	value: ws
	490
	491	- name: KIE_SERVER_HOST
	492	valueFrom:
	493	fieldRef:
	494	fieldPath: status.podIP
	495	- name: KIE_SERVER_PWD
	496	value: "${KIE_SERVER_PWD}"
	497	- name: KIE_SERVER_USER
	498	value: "${KIE_SERVER_USER}"
	499	- name: MAVEN_REPO_URL
	500	value: "${MAVEN_REPO_URL}"
	501	- name: MAVEN_REPO_SERVICE
	502	value: "${APPLICATION_NAME}-rhdmcentr"
	503	- name: MAVEN_REPO_PATH
	504	value: "/maven2/"
	505	- name: MAVEN_REPO_USERNAME
	506	value: "${MAVEN_REPO_USERNAME}"
	507	- name: MAVEN_REPO_PASSWORD
	508	value: "${MAVEN_REPO_PASSWORD}"
	509	- name: HTTPS_KEYSTORE_DIR
	510	value: "/etc/kieserver-secret-volume"
	511	- name: HTTPS_KEYSTORE
	512	value: "${KIE_SERVER_HTTPS_KEYSTORE}"
	513	- name: HTTPS_NAME
	514	value: "${KIE_SERVER_HTTPS_NAME}"
	515	- name: HTTPS_PASSWORD
	516	value: "${KIE_SERVER_HTTPS_PASSWORD}"
	517	image: custom-kieserver:latest
	518	imagePullPolicy: Always
	519	livenessProbe:
	520	exec:
	521	command:
	522	- /bin/bash
	523	- -c
	524	- /opt/eap/bin/livenessProbe.sh
	525	resources:
	526	limits:
	527	cpu: "1"
	528	memory: 2Gi
	529	requests:
	530	cpu: "1"
	531	memory: 1Gi
	532
	533	name: ${APPLICATION_NAME}-kieserver
	534	ports:
	535	- containerPort: 8778
	536	name: jolokia
	537	protocol: TCP
	538	- containerPort: 8080
	539	name: http
	540	protocol: TCP
	541	- containerPort: 8443
	542	name: https
	543	protocol: TCP
	544	readinessProbe:
	545	exec:
	546	command:
	547	- /bin/bash
	548	- -c
	549	- /opt/eap/bin/readinessProbe.sh
	550	volumeMounts:
	551	- mountPath: /etc/kieserver-secret-volume
	552	name: kieserver-keystore-volume
	553	readOnly: true
	554	- mountPath: /data
	555	name: cors-volume
	556	serviceAccountName: decisioncentral-service-account
	557	terminationGracePeriodSeconds: 60
	558	volumes:
	559	- name: kieserver-keystore-volume
	560	secret:
	561	secretName: ${KIE_SERVER_HTTPS_SECRET}
	562	- configMap:
	563	name: undertow-cors
	564	name: cors-volume
	565	triggers:
	566	- imageChangeParams:
	567	automatic: true
	568	containerNames:
	569	- ${APPLICATION_NAME}-kieserver
	570	from:
	571	kind: ImageStreamTag
	572	name: custom-kieserver:latest
	573	type: ImageChange
	574	- type: ConfigChange
	575	- apiVersion: v1
	576	kind: PersistentVolumeClaim
	577	metadata:
	578	name: "${APPLICATION_NAME}-rhdmcentr-claim"
	579	labels:
	580	application: ${APPLICATION_NAME}
	581	spec:
	582	accessModes:
	583	- ReadWriteOnce
	584	resources:
	585	requests:
	586	storage: "${DECISION_CENTRAL_VOLUME_CAPACITY}"
	587
	588	# dtorresf: configmap replaced by environment variables in BuildConfig
	589
	590	- apiVersion: v1
	591	kind: BuildConfig
	592	metadata:
	593	labels:
	594	application: ${APPLICATION_NAME}
	595	name: ${APPLICATION_NAME}-ng-dmf
	596	spec:
	597	nodeSelector: null
	598	output:
	599	to:
	600	kind: ImageStreamTag
	601	name: ng-dmf:latest
	602	postCommit: {}
	603	resources:
	604
	605	# JA Bride / dtorresf: bumping to 2 cpu and 2Gi
	606	# The new version of this node app has more javascript components and pre-evaluations.
	607	# the new application has a menu for the demos and centralizes the demos for our course.
	608	limits:
	609	cpu: "2"
	610	memory: 2Gi
	611	requests:
	612	cpu: "1"
	613	memory: 1Gi
	614	runPolicy: Serial
	615	source:
	616	git:
	617	# dtorresf: new git repository with templated angular2 application
6ce72f	618	uri: 'http://services.lab.example.com/gpte-ng-dmf/'
945ada	619	type: Git
RJ	620	strategy:
	621	sourceStrategy:
	622	# dtorresf: use environment variables to obtain namespace and cluster name for kie-server endpoint configuration
	623	# replaces the old ng-environment configmap
	624	env:
	625	- name: OCP_NAMESPACE
	626	valueFrom:
	627	fieldRef:
	628	fieldPath: metadata.namespace
e7a843	629	- name: NPM_MIRROR
aac89f	630	value: 'http://services.lab.example.com:8081/nexus/content/groups/nodejs/'
945ada	631	- name: REST_API_URL
RJ	632	value: 'http://${APPLICATION_NAME}-kieserver-$(OCP_NAMESPACE).${CLUSTER}/'
	633	- name: REST_API_USER
	634	value: '${KIE_ADMIN_USER}'
	635	- name: REST_API_PWD
	636	value: '${KIE_ADMIN_PWD}'
	637	from:
	638	# dtorresf: Using the available ImageStreamTag from the openshift registry
	639	kind: ImageStreamTag
4d109c	640	name: 'node:latest'
945ada	641	namespace: openshift
RJ	642	type: Source
	643	triggers:
	644	- type: ImageChange
	645	- apiVersion: v1
	646	kind: ImageStream
	647	metadata:
	648	labels:
	649	application: ${APPLICATION_NAME}
	650	name: ng-dmf
	651	spec:
	652	lookupPolicy:
	653	local: false
	654
	655	- apiVersion: v1
	656	kind: DeploymentConfig
	657	metadata:
	658	labels:
	659	application: ${APPLICATION_NAME}
	660	name: ${APPLICATION_NAME}-ng-dmf
	661	spec:
	662	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	663	paused: true
	664	replicas: 1
	665	selector:
	666	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	667	strategy:
	668	# https://github.com/redhat-gpe/bxms_decision_mgmt_foundations/issues/39
	669	type: Rolling
	670	template:
	671	metadata:
	672	labels:
	673	application: ${APPLICATION_NAME}
	674	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	675	name: ${APPLICATION_NAME}-ng-dmf
	676	spec:
	677	containers:
	678	- image: ng-dmf:latest
	679	imagePullPolicy: Always
	680	livenessProbe:
	681	failureThreshold: 10
	682	initialDelaySeconds: 50
	683	periodSeconds: 10
	684	tcpSocket:
	685	port: 8080
	686	timeoutSeconds: 1
	687	name: ${APPLICATION_NAME}-ng-dmf
	688	ports:
	689	- containerPort: 8080
	690	name: http
	691	protocol: TCP
	692	readinessProbe:
	693	initialDelaySeconds: 50
	694	failureThreshold: 30
	695	periodSeconds: 10
	696	tcpSocket:
	697	port: 8080
	698	timeoutSeconds: 1
	699	resources:
	700	limits:
	701	cpu: "1"
	702	memory: 2Gi
	703	requests:
	704	cpu: "1"
	705	memory: 256Mi
	706	# dtorresf: ng-environment configMap replaced by environment variables at BuildConfig
	707	triggers:
	708	- imageChangeParams:
	709	automatic: true
	710	containerNames:
	711	- ${APPLICATION_NAME}-ng-dmf
	712	from:
	713	kind: ImageStreamTag
	714	name: ng-dmf:latest
	715	type: ImageChange
	716	- type: ConfigChange
	717	parameters:
	718	- displayName: Application Name
	719	description: The name for the application.
	720	name: APPLICATION_NAME
	721	value: myapp
	722	required: true
	723	- displayName: EAP Admin User
	724	description: EAP administrator username
	725	name: ADMIN_USERNAME
	726	value: eapadmin
	727	required: false
	728	- displayName: EAP Admin Password
	729	description: EAP administrator password
	730	name: ADMIN_PASSWORD
	731	from: "[a-zA-Z]{6}[0-9]{1}!"
	732	generate: expression
	733	required: false
	734	- displayName: KIE Admin User
	735	description: KIE administrator username
	736	name: KIE_ADMIN_USER
	737	value: adminUser
	738	required: false
	739	- displayName: KIE Admin Password
	740	description: KIE administrator password
	741	name: KIE_ADMIN_PWD
	742	from: "[a-zA-Z]{6}[0-9]{1}!"
	743	generate: expression
	744	required: false
	745	- displayName: KIE Server Controller User
	746	description: KIE server controller username (Sets the org.kie.server.controller.user system property)
	747	name: KIE_SERVER_CONTROLLER_USER
	748	value: controllerUser
	749	required: false
	750	- displayName: KIE Server Controller Password
	751	description: KIE server controller password (Sets the org.kie.server.controller.pwd system property)
	752	name: KIE_SERVER_CONTROLLER_PWD
	753	from: "[a-zA-Z]{6}[0-9]{1}!"
	754	generate: expression
	755	required: false
	756	- displayName: KIE Server User
	757	description: KIE execution server username (Sets the org.kie.server.user system property)
	758	name: KIE_SERVER_USER
	759	value: executionUser
	760	required: false
	761	- displayName: KIE Server Password
	762	description: KIE execution server password (Sets the org.kie.server.pwd system property)
	763	name: KIE_SERVER_PWD
	764	from: "[a-zA-Z]{6}[0-9]{1}!"
	765	generate: expression
	766	required: false
	767	- displayName: KIE Server Bypass Auth User
	768	description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property)
	769	name: KIE_SERVER_BYPASS_AUTH_USER
	770	value: 'false'
	771	required: false
	772	- displayName: KIE MBeans
	773	description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties)
	774	name: KIE_MBEANS
	775	value: enabled
	776	required: false
	777	- displayName: Drools Server Filter Classes
	778	description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property)
	779	name: DROOLS_SERVER_FILTER_CLASSES
	780	value: 'true'
	781	required: false
	782	- displayName: Decision Central Custom http Route Hostname
	783	description: 'Custom hostname for http service route. Leave blank for default hostname,
	784	e.g.: <application-name>-rhdmcentr-<project>.<default-domain-suffix>'
	785	name: DECISION_CENTRAL_HOSTNAME_HTTP
	786	value: ''
	787	required: false
	788	- displayName: Decision Central Custom https Route Hostname
	789	description: 'Custom hostname for https service route. Leave blank for default
	790	hostname, e.g.: secure-<application-name>-rhdmcentr-<project>.<default-domain-suffix>'
	791	name: DECISION_CENTRAL_HOSTNAME_HTTPS
	792	value: ''
	793	required: false
	794	- displayName: Execution Server Custom http Route Hostname
	795	description: 'Custom hostname for http service route. Leave blank for default hostname,
	796	e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
	797	name: EXECUTION_SERVER_HOSTNAME_HTTP
	798	value: ''
	799	required: false
	800	- displayName: Execution Server Custom https Route Hostname
	801	description: 'Custom hostname for https service route. Leave blank for default
	802	hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
	803	name: EXECUTION_SERVER_HOSTNAME_HTTPS
	804	value: ''
	805	required: false
	806	- displayName: Decision Central Server Keystore Secret Name
	807	description: The name of the secret containing the keystore file
	808	name: DECISION_CENTRAL_HTTPS_SECRET
	809	value: decisioncentral-app-secret
	810	required: false
	811	- displayName: Decision Central Server Keystore Filename
	812	description: The name of the keystore file within the secret
	813	name: DECISION_CENTRAL_HTTPS_KEYSTORE
	814	value: keystore.jks
	815	required: false
	816	- displayName: Decision Central Server Certificate Name
	817	description: The name associated with the server certificate
	818	name: DECISION_CENTRAL_HTTPS_NAME
	819	value: jboss
	820	required: false
	821	- displayName: Decision Central Server Keystore Password
	822	description: The password for the keystore and certificate
	823	name: DECISION_CENTRAL_HTTPS_PASSWORD
	824	value: mykeystorepass
	825	required: false
	826	- displayName: KIE Server Keystore Secret Name
	827	description: The name of the secret containing the keystore file
	828	name: KIE_SERVER_HTTPS_SECRET
	829	value: kieserver-app-secret
	830	required: false
	831	- displayName: KIE Server Keystore Filename
	832	description: The name of the keystore file within the secret
	833	name: KIE_SERVER_HTTPS_KEYSTORE
	834	value: keystore.jks
	835	required: false
	836	- displayName: KIE Server Certificate Name
	837	description: The name associated with the server certificate
	838	name: KIE_SERVER_HTTPS_NAME
	839	value: jboss
	840	required: false
	841	- displayName: KIE Server Keystore Password
	842	description: The password for the keystore and certificate
	843	name: KIE_SERVER_HTTPS_PASSWORD
	844	value: mykeystorepass
	845	required: false
	846	- displayName: RHT ImageStream Namespace
	847	description: Namespace in which the ImageStreams for Red Hat Middleware images are
	848	installed. These ImageStreams are normally installed in the openshift namespace.
	849	You should only need to modify this if you've installed the ImageStreams in a
	850	different namespace/project.
	851	name: RHT_IMAGE_STREAM_NAMESPACE
	852	value: openshift
	853	required: true
	854	- displayName: GPTE ImageStream Namespace
	855	description: Namespace in which the ImageStreams for RHT GPTE images are installed.
	856	name: GPTE_IMAGE_STREAM_NAMESPACE
	857	value: openshift
	858	required: true
	859	- displayName: Maven repository URL
	860	description: Fully qualified URL to a Maven repository. If unspecified, will fall back to Decision Central service.
	861	name: MAVEN_REPO_URL
	862	required: false
	863	- displayName: Maven repository username
	864	description: Username to access the Maven repository. If using Decision Central, will have to match KIE_ADMIN_USER.
	865	Default is "adminUser".
	866	name: MAVEN_REPO_USERNAME
	867	value: adminUser
	868	required: false
	869	- displayName: Maven repository password
	870	description: Password to access the Maven repository. If using Decision Central, will have to match KIE_ADMIN_PWD.
	871	No default specified.
	872	name: MAVEN_REPO_PASSWORD
	873	required: false
	874	- displayName: Decision Central Volume Capacity
	875	description: Size of the persistent storage for Decision Central's runtime data.
	876	name: DECISION_CENTRAL_VOLUME_CAPACITY
	877	value: 512Mi
	878	required: true
	879	# dtorresf: PROJECT name parameter replace by metadata namespace.
	880	# dtorresf: These parameters enable the setup of project and cluster properties for the angular2
	881	- displayName: Project name
	882	name: PROJECT
	883	required: false
	884	value: ''
	885	- displayName: Cluster name
	886	name: CLUSTER
	887	value: apps.dev37.openshift.opentlc.com
	888	required: true