Merge branch 'master' of github.com:jfrog/JFrog-Cloud-Installers into openshift4

John Peterson
2020-12-30 15:15:12 -08:00
46 changed files with 8141 additions and 92 deletions

41
.github/ISSUE_TEMPLATE.md vendored Normal file

@@ -0,0 +1,41 @@
<!-- Thanks for filing an issue! Before hitting the button, please answer these questions.
It's helpful to search the existing GitHub issues first. It's likely that another user
has already reported the issue you're facing, or it's a known issue that we're already aware of-->
**Is this a request for help?**:
---
**Is this a BUG REPORT or FEATURE REQUEST?** (choose one):
<!--
If this is a BUG REPORT, please:
- Fill in as much of the template below as you can. If you leave out
information, we can't help you as well.
If this is a FEATURE REQUEST, please:
- Describe *in detail* the feature/behavior/change you'd like to see.
In both cases, be ready for followup questions, and please respond in a timely
manner. If we can't reproduce a bug or think a feature already exists, we
might close your issue. If we're wrong, PLEASE feel free to reopen it and
explain why.
-->
**Which installer**:
**Which product and version**:
**What happened**:
**What you expected to happen**:
**How to reproduce it** (as minimally and precisely as possible):
**Anything else we need to know**:

31
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file

@@ -0,0 +1,31 @@
#### PR Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]
- [ ] Title of the PR starts with installer/product name (e.g. `[ansible/artifactory]`)
- [ ] CHANGELOG.md updated
- [ ] Variables and other changes are documented in the README.md
<!--
Thank you for contributing .
Following our best practices right from the start will accelerate the review process and
help get your PR merged quicker.
When updates to your PR are requested, please add new commits and do not squash the
history. This will make it easier to identify new changes. The PR will be squashed
anyways when it is merged. Thanks.
For fast feedback, please @-mention maintainers that are listed in the Chart.yaml file.
Please make sure you test your changes before you push them.
Please check the results. We would like these checks to pass before we
even continue reviewing your changes.
-->
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:


@@ -0,0 +1,20 @@
on:
issues:
types: [opened, reopened, deleted, closed]
name: Slack Issue Notification
jobs:
slackNotification:
name: Slack Notification Issue
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Slack Notification Issue
uses: rtCamp/action-slack-notify@master
env:
SLACK_CHANNEL: partnereng-issues
SLACK_COLOR: '#00A86B'
SLACK_ICON: https://pbs.twimg.com/profile_images/978188446178082817/86ulJdF0.jpg
SLACK_TITLE: "[${{ github.event.issue.state}}] ${{ github.event.issue.title }} on ${{ github.repository }} :rocket:"
SLACK_MESSAGE: 'Link: ${{ github.event.issue.url }}'
SLACK_USERNAME: PartnerEngineers
SLACK_WEBHOOK: ${{ secrets.SLACK_ISSUE_WEBHOOK }}
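Review bot: The `uses: rtCamp/action-slack-notify@master` step tracks a mutable branch of a third-party action while `SLACK_WEBHOOK` is filled from `secrets.SLACK_ISSUE_WEBHOOK`, so any later change on that branch runs with the webhook in its environment. Pin the action to a reviewed full commit SHA, e.g. `uses: rtCamp/action-slack-notify@<full-commit-sha>  # <release tag>` (placeholders; choose the SHA after reviewing the release). The `actions/checkout@v2` step looks unnecessary for a notification-only job and could be dropped, and a top-level `permissions: {}` would keep the job token from carrying scopes the job does not use. The same pinning and checkout points apply to slack-notify-pr.yml.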

22
.github/workflows/slack-notify-pr.yml vendored Normal file

@@ -0,0 +1,22 @@
on:
pull_request:
branches:
- master
types: [opened, reopened, closed]
name: Slack Pull Request Notification
jobs:
slackNotification:
name: Slack Notification PR
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Slack Notification PR
uses: rtCamp/action-slack-notify@master
env:
SLACK_CHANNEL: partnereng-pullrequest
SLACK_COLOR: '#00A86B'
SLACK_ICON: https://pbs.twimg.com/profile_images/978188446178082817/86ulJdF0.jpg
SLACK_TITLE: "[${{ github.event.pull_request.state}}] ${{ github.event.pull_request.title }} on ${{ github.repository }} :rocket:"
SLACK_MESSAGE: 'Merging from ${{ github.head_ref }} to ${{ github.base_ref }} by ${{ github.actor }}. Link: ${{ github.event.pull_request._links.html.href }}'
SLACK_USERNAME: PartnerEngineers
SLACK_WEBHOOK: ${{ secrets.SLACK_PR_WEBHOOK }}
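Review bot: With the `pull_request` trigger, runs started from forks do not receive repository secrets, so `SLACK_WEBHOOK: ${{ secrets.SLACK_PR_WEBHOOK }}` will be empty for the external contributions this channel is presumably meant to surface. If fork coverage is wanted, it should not be solved by moving to `pull_request_target` while keeping `actions/checkout`, because that places the secret in a job that can check out untrusted code; a notification job needs no checkout at all. The PR title and branch names are contributor-controlled strings, and passing them through `env:` as done here, rather than inside a `run:` script, is the shape to keep. A comment above the trigger such as `# secrets are not passed to runs from forks; fork PRs will not notify` would document the limitation.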


@@ -0,0 +1,242 @@
project:
name: quickstart-jfrog-artifactory
owner: quickstart-eng@amazon.com
#lambda_source_path: functions/source
#lambda_zip_path: functions/packages
s3_object_acl: public-read
s3_regional_buckets: True
s3_bucket: tcat-422383ecc658557f9a377abae675aac0 # commercial or gov accounts
# s3_bucket: tcat-a3e80b6745b2547da1c745b16adf2a66 # aws-seller accounts
regions:
- us-east-1
#- us-gov-east-1
#- us-gov-west-1
tests:
# jcr-ami-7102:
# auth:
# us-east-1: seller
# us-gov-west-1: gov
# us-gov-east-1: gov
# parameters:
# AvailabilityZone: "$[taskcat_genaz_1]"
# KeyPairName: "vinaykey1"
# ArtifactVersion: 7.10.2
# RemoteAccessCidr: "0.0.0.0/0"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# JFrogProduct: "jfrog-artifactory-jcr"
# template: templates/jfrog-ami-master.template.yaml
# regions:
# - us-east-1
# - us-west-2
# rt-ami-7102:
# auth:
# us-east-1: seller
# us-gov-west-1: gov
# us-gov-east-1: gov
# parameters:
# AvailabilityZone: "$[taskcat_genaz_1]"
# KeyPairName: "vinaykey1"
# ArtifactVersion: 7.10.2
# RemoteAccessCidr: "0.0.0.0/0"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# JFrogProduct: "jfrog-artifactory-pro"
# template: templates/jfrog-ami-master.template.yaml
# regions:
# - us-east-1
# - us-west-2
# - us-gov-east-1
# xray-ami-3103:
# auth:
# us-east-1: seller
# us-gov-west-1: gov
# us-gov-east-1: gov
# parameters:
# AvailabilityZone: "$[taskcat_genaz_1]"
# KeyPairName: "vinaykey1"
# # XrayVersion: 3.8.6
# XrayVersion: 3.10.3
# RemoteAccessCidr: "0.0.0.0/0"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# template: templates/ami-rt-xray-master.template.yaml
# regions:
# - us-east-1
# - us-west-2
# - us-gov-east-1
rt-xray-ec2-postgres:
auth:
us-east-1: default
us-gov-west-1: gov
us-gov-east-1: gov
parameters:
KeyPairName: "vinaykey1"
ArtifactoryVersion: 7.10.2
RemoteAccessCidr: "0.0.0.0/0"
DatabaseEngine: Postgres
AccessCidr: "0.0.0.0/0"
DatabasePassword: "$[taskcat_genpass_8A]"
QsS3BucketName: "$[taskcat_autobucket]"
QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
QsS3BucketRegion: "$[taskcat_current_region]"
DatabaseInstance: "db.m5.large"
NumberOfSecondary: "2"
KeystorePassword: "$[taskcat_genpass_8A]"
AnsibleVaultPass: "$[taskcat_genpass_8A]"
ArtifactoryServerName: "artifactory"
MasterKey: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
SmLicenseCertName: "jfrog-artifactory"
MultiAzDatabase: "false"
# InstallXray: "false"
XrayVersion: 3.10.3
XrayDatabasePassword: "$[taskcat_genpass_8A]"
# XrayNumberOfInstances: 2
# AvailabilityZones: "$[taskcat_genaz_2]"
# template: templates/jfrog-artifactory-ec2-master.template.yaml
# # # after creating a VPC, comment line above and uncomment lines below for faster iteration
# # # commercial account
AvailabilityZones: "us-east-1a, us-east-1b"
VpcId : "vpc-06fcc5cee261e2b5e"
PublicSubnet1Id : "subnet-0d3b79b392dd1c24b"
PrivateSubnet1Id: "subnet-052de6286d774f2d2"
PublicSubnet2Id : "subnet-0c0405f3f9bff01ec"
PrivateSubnet2Id: "subnet-0ea49aaf81e25fd33"
# template: templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
template: templates/jfrog-artifactory-ec2-marketplace-master.template.yaml
regions:
- us-east-1
# rt-xray-ec2-marketplace:
# parameters:
# KeyPairName: "vinaykey1"
# ArtifactoryVersion: 7.10.2
# RemoteAccessCidr: "0.0.0.0/0"
# DatabaseEngine: Postgres
# AccessCidr: "0.0.0.0/0"
# DatabasePassword: "$[taskcat_genpass_8A]"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# DatabaseInstance: "db.m5.large"
# NumberOfSecondary: "2"
# KeystorePassword: "$[taskcat_genpass_8A]"
# AnsibleVaultPass: "$[taskcat_genpass_8A]"
# ArtifactoryServerName: "artifactory"
# MasterKey: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
# SmLicenseCertName: "jfrog-artifactory"
# MultiAzDatabase: "true"
# # InstallXray: "false"
# XrayVersion: 3.10.3
# XrayDatabasePassword: "$[taskcat_genpass_8A]"
# # XrayNumberOfInstances: 2
# AvailabilityZones: "us-east-1a, us-east-1b"
# #commercial account
# VpcId : "vpc-06d7f8e7fd74c254c"
# PublicSubnet1Id : "subnet-004f207945f5a30e7"
# PrivateSubnet1Id: "subnet-0b3599d1838916726"
# PublicSubnet2Id : "subnet-0f4b1c9fdf1ae77e2"
# PrivateSubnet2Id: "subnet-0fbe8d14f1082cf2d"
# template: templates/jfrog-artifactory-ec2-marketplace-master.template.yaml
# regions:
# - us-east-1
# rt-simple:
# parameters:
# KeyPairName: "vinaykey1"
# AvailabilityZones: "$[taskcat_genaz_2]"
# DatabasePassword: "$[taskcat_genpass_8A]"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# template: templates/jfrog-artifactory-ec2-simple-master.template.yaml
# regions:
# - us-east-2
# rt-ecs-postgres:
# parameters:
# KeyPairName: "vinaykey1"
# RemoteAccessCidr: "0.0.0.0/0"
# AccessCidr: "0.0.0.0/0"
# DatabasePassword: "$[taskcat_genpass_8A]"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# # DatabaseInstance: "db.m5.large"
# # DatabaseEngine: MySQL
# ArtifactoryVersion: "7.10.2"
# # ReleaseStage: "GA"
# NumberOfSecondary: "2"
# AnsibleVaultPass: "$[taskcat_genpass_8A]"
# ArtifactoryServerName: "artifactory"
# MasterKey: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
# SmLicenseCertName: "jfrog-artifactory"
# MultiAzDatabase: "false"
# # AvailabilityZones: "$[taskcat_genaz_2]"
# # template: templates/jfrog-artifactory-ecs-master.template.yaml
# # after creating a VPC, comment line above and uncomment lines below for faster iteration
# # commercial account
# AvailabilityZones: "us-east-2a, us-east-2b"
# VpcId : "vpc-0f1ba9d9e6125f50e"
# PublicSubnet1Id : "subnet-0428a0b682504e234"
# PrivateSubnet1Id: "subnet-08b2941d6a9a85579"
# PublicSubnet2Id : "subnet-0dd6c76f09924a8c1"
# PrivateSubnet2Id: "subnet-05a004086f004dfa1"
# template: templates/jfrog-artifactory-ecs-existing-vpc.template.yaml
# regions:
# - us-east-2
# rt-eks:
# auth:
# default: temp
# parameters:
# KeyPairName: "vinaykey1"
# RemoteAccessCidr: "0.0.0.0/0"
# AccessCidr: "0.0.0.0/0"
# AvailabilityZones: "$[taskcat_genaz_3]"
# DatabasePassword: "$[taskcat_genpass_8A]"
# QsS3BucketName: "$[taskcat_autobucket]"
# QsS3KeyPrefix: "quickstart-jfrog-artifactory/"
# QsS3BucketRegion: "$[taskcat_current_region]"
# DatabaseInstance: "db.m5.large"
# ArtifactoryVersion: "7.10.2"
# NumberOfSecondary: "2"
# ArtifactoryServerName: "artifactory"
# MasterKey: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
# SmLicenseCertName: "jfrog-artifactory"
# MultiAzDatabase: "false"
# InstallXray: "true"
# XrayHelmChartVersion: 3.10.3
# XrayDatabasePassword: "$[taskcat_genpass_8A]"
# XrayNumberOfSecondary: 1
# RabbitMQPassword: "$[taskcat_genpass_8A]"
# template: templates/jfrog-artifactory-eks-master.template.yaml
# regions:
# - us-west-2
# rt-eks-core:
# parameters:
# ArtifactoryDeploymentSize: Medium
# ArtifactoryVersion: 7.2.1
# DatabaseEngine: Postgres
# DatabaseName: artdb
# DatabaseUser: artifactory
# KubeConfigKmsContext: JFrogArtifactory
# NumberOfSecondary: 2
# template: templates/jfrog-artifactory-eks-core-workload.template.yaml
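Review bot: The active `rt-xray-ec2-postgres` test deploys with `RemoteAccessCidr: "0.0.0.0/0"` and `AccessCidr: "0.0.0.0/0"` together with a constant `MasterKey` of 64 `F` characters, so every test stack is reachable from any address and shares a publicly known key for as long as it exists. The other secrets already use `$[taskcat_genpass_8A]`; the master key should likewise be generated per run or supplied from a local override kept out of the repository, and the two CIDRs narrowed to the tester's egress range. The file also commits account-specific values (`KeyPairName: "vinaykey1"`, the `vpc-…`/`subnet-…` IDs, the `tcat-…` bucket) and sets `s3_object_acl: public-read`; these look like one developer's working state and are better held in a per-user config. A comment such as `# test-only values; never reuse MasterKey or open CIDRs outside throwaway stacks` above `parameters:` would at least mark the intent.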


@@ -0,0 +1,378 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh61)'
Parameters:
VpcId:
Type: AWS::EC2::VPC::Id
VpcCidr:
Description: CIDR block for the VPC
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PrivateSubnet1Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
PrivateSubnet3Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.64.0/19
Type: String
SubnetIds:
Type: List<AWS::EC2::Subnet::Id>
DatabaseAllocatedStorage:
Type: Number
MultiAzDatabase:
Type: String
DatabaseEngine:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
NoEcho: 'true'
Type: String
DatabaseInstance:
Type: String
DatabaseName:
Type: String
ArtifactoryS3IAMUser:
NoEcho: 'true'
Type: String
ArtifactoryProduct:
Default: JFrog-Artifactory-Pro
Type: String
ReleaseStage:
Default: GA
Type: String
InstanceType:
Default: m5.xlarge
Type: String
Mappings:
DatabaseMap:
Postgres:
Name: postgresql
DatabaseVersion: 11.5
Driver: "org.postgresql.Driver"
Plugin: postgresql-42.2.9.jar
PluginURL: https://jdbc.postgresql.org/download/
port: "5432"
extraDatabaseOps: ""
ReleaseStageMap:
BETA:
ProDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-pro"
JcrDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-jcr"
NginxDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/nginx-artifactory-pro"
GA:
ProDockerRepo: "docker.bintray.io/jfrog/artifactory-pro"
JcrDockerRepo: "docker.bintray.io/jfrog/artifactory-jcr"
NginxDockerRepo: "docker.bintray.io/jfrog/nginx-artifactory-pro"
ProductMap:
JFrog-Container-Registry:
RepoName: JcrDockerRepo
JFrog-Artifactory-Pro:
RepoName: ProDockerRepo
JavaOptionstoInstance:
m5.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5d.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5d.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5d.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5d.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5d.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5d.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5d.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5a.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5a.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5a.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5a.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5a.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5a.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5a.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5a.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5ad.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5ad.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5ad.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5ad.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5ad.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5ad.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
Resources:
ArtifactoryDatabaseSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Private Subnets available to the RDS Instance(s)
SubnetIds: !Ref SubnetIds
ArtifactoryDatabase:
Type: AWS::RDS::DBInstance
Properties:
AllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAZ: !Ref MultiAzDatabase
Engine: !Ref DatabaseEngine
EngineVersion: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- DatabaseVersion
MasterUsername: !Ref DatabaseUser
MasterUserPassword: !Ref DatabasePassword
DBInstanceClass: !Ref DatabaseInstance
DBName: !Ref DatabaseName
DBSubnetGroupName: !Ref ArtifactoryDatabaseSubnetGroup
VPCSecurityGroups:
- !Ref ArtifactoryDatabaseSG
ArtifactoryDatabaseSG:
Type: AWS::EC2::SecurityGroup
Properties:
Tags:
- Key: Name
Value: artifactory-rds-sg
GroupDescription: SG for RDS Instance to allow communication from the Bastion and Artifactory servers.
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: !Ref VpcCidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet1Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet2Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet3Cidr
SecurityGroupEgress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
ArtifactoryS3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: Private
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
ArtifactoryS3IAMPolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: S3BucketPermissions
PolicyDocument:
Version: 2012-10-17
Statement:
- Sid: S3BucketPermissions
Effect: Allow
Action:
- s3:*
Resource:
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- "/*"
Users:
- !Ref ArtifactoryS3IAMUser
Outputs:
S3Bucket:
Value: !Ref ArtifactoryS3Bucket
Description: Actual S3 bucket created for Artifactory
DatabaseDriver:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabasePlugin:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
DatabasePluginUrl:
Value: !Sub
- "${MainURL}${PluginVersion}"
- {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
}
DatabaseType:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUrl:
Value: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
XrayMasterDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
XrayDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
ProDockerRepo:
Value: !FindInMap
- ReleaseStageMap
- !Ref ReleaseStage
- !FindInMap
- ProductMap
- !Ref ArtifactoryProduct
- RepoName
NginxDockerRepo:
Value: !FindInMap [ReleaseStageMap, !Ref ReleaseStage, NginxDockerRepo]
JavaOpts:
Value: !Sub
- "-Xms${min}g -Xmx${max}g"
- {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max]
}
DeploymentSize:
Value: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, DeploymentSize]
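Review bot: `ArtifactoryDatabase` is created without `StorageEncrypted: true`, and the `XrayMasterDatabaseUrl` and `XrayDatabaseUrl` outputs hard-code `?sslmode=disable`, so the database is unencrypted at rest and the Xray connection to it is unencrypted in transit, while the S3 bucket in the same template does set `SSEAlgorithm: AES256`. Add `StorageEncrypted: true` to the instance properties and move the URLs to `sslmode=require` (or stricter) once the consumers trust the RDS CA. `ArtifactoryS3IAMPolicy` grants `s3:*` on the bucket, which includes changing the bucket policy and ACL and deleting the bucket; listing only the object and list actions the filestore needs would be tighter. In `ArtifactoryDatabaseSG`, the port 22 ingress from `VpcCidr` and the 22/80/443 egress to `0.0.0.0/0` appear to serve no purpose for an RDS instance and could be removed.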


@@ -0,0 +1,403 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Artifactory (qs-1qpmmjh5o)"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
HostRole:
Type: String
AmiId:
Type: String
ArtifactoryProduct:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
ArtifactoryLicense1:
Type: String
ArtifactoryLicense2:
Type: String
ArtifactoryLicense3:
Type: String
ArtifactoryLicense4:
Type: String
ArtifactoryLicense5:
Type: String
ArtifactoryLicense6:
Type: String
ArtifactoryServerName:
Type: String
Certificate:
Type: String
CertificateKey:
Type: String
NoEcho: 'true'
CertificateDomain:
Type: String
EnableSSL:
Type: String
ArtifactoryIamAcessKey:
Type: String
NoEcho: 'true'
SecretAccessKey:
Type: String
NoEcho: 'true'
ArtifactoryS3Bucket:
Type: String
DatabaseUrl:
Type: String
DatabaseDriver:
Type: String
DatabasePluginUrl:
Type: String
DatabasePlugin:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
ArtifactoryPrimary:
Type: String
MasterKey:
Type: String
NoEcho: 'true'
ExtraJavaOptions:
Type: String
ArtifactoryVersion:
Type: String
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
TargetGroupARN:
Type: String
SSLTargetGroupARN:
Type: String
InternalTargetGroupARN:
Type: String
HostProfile:
Type: String
SecurityGroups:
Type: String
InstanceType:
Type: String
VolumeSize:
Type: Number
KeystorePassword:
Description: Default Keystore from Java in which we upgrade.
Type: String
NoEcho: 'true'
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
AMZNLINUXHVM: ami-079e6fb1e856e80c1
"Artifactory721": ami-09dfb20a591375d09
"Artifactory755": ami-09dfb20a591375d09 # TODO: Get correct ami
"Jcr721": ami-0d87bf5404e186c90
ap-northeast-2:
AMZNLINUXHVM: ami-0e4a253fb5f082688
"Artifactory721": ami-0eb86b82de93a34fb
"Artifactory755": ami-0eb86b82de93a34fb # TODO: Get correct ami
"Jcr721": ami-047275320dc0101df
ap-south-1:
AMZNLINUXHVM: ami-01e074f40dfb9999d
"Artifactory721": ami-01b828aa6cc99a322
"Artifactory755": ami-01b828aa6cc99a322 # TODO: Get correct ami
"Jcr721": ami-003e20ccb4b8b1efc
ap-southeast-1:
AMZNLINUXHVM: ami-0d9233e8ce73df7b2
"Artifactory721": ami-04a94cc4dc0d08c98
"Artifactory755": ami-04a94cc4dc0d08c98 # TODO: Get correct ami
"Jcr721": ami-016d81f9a055d84f7
ap-southeast-2:
AMZNLINUXHVM: ami-0c91f97cadcc8499e
"Artifactory721": ami-030871aa8d1f0689e
"Artifactory755": ami-030871aa8d1f0689e # TODO: Get correct ami
"Jcr721": ami-0a257f38f4e17b489
ca-central-1:
AMZNLINUXHVM: ami-003a0ba7ea76b2785
"Artifactory721": ami-0148cebea7bea4aaf
"Artifactory755": ami-0148cebea7bea4aaf # TODO: Get correct ami
"Jcr721": ami-0366fde97d0c9c63c
eu-central-1:
AMZNLINUXHVM: ami-0ab838eeee7f316eb
"Artifactory721": ami-07961f7c210143a42
"Artifactory755": ami-07961f7c210143a42 # TODO: Get correct ami
"Jcr721": ami-025ce18f43dbbee65
eu-west-1:
AMZNLINUXHVM: ami-071f4ce599deff521
"Artifactory721": ami-0171b8d46941b4ca1
"Artifactory755": ami-0171b8d46941b4ca1 # TODO: Get correct ami
"Jcr721": ami-0a0c02357d264c397
sa-east-1:
AMZNLINUXHVM: ami-04b202bf877b5027b
"Artifactory721": ami-0596f196b273bb8a6
"Artifactory755": ami-0596f196b273bb8a6 # TODO: Get correct ami
"Jcr721": ami-0f5f29385fc7cf6a9
us-east-1:
AMZNLINUXHVM: ami-09d069a04349dc3cb
"Artifactory700": ami-06baee01fb2ef01d2
"Artifactory702": ami-085b1acc8e8b5b039
"Artifactory721": ami-0d4d4252cdc2b6f11
"Artifactory755": ami-07c0a3d7663fcafb9 # TODO: Get correct ami
"Artifactory773": ami-0e1639df4df532641 # partnership account + seller account
"Artifactory7102": ami-0d3aaf4303a264d04 # seller account (shared with partnership account)
"Jcr720": ami-05aa02eddf5f692b7
"Jcr721": ami-04fed5fc210272dfe
"Jcr7102": ami-0508370f82ef2e50d
us-east-2:
AMZNLINUXHVM: ami-0d542ef84ec55d71c
"Artifactory721": ami-0a913af05ccdaa522
"Artifactory755": ami-05071c07a672ddf54 # TODO: Get correct ami - using ami generated by myself
"Jcr721": ami-0d50790b8fb747584
us-west-1:
AMZNLINUXHVM: ami-04bc3da8f14823e88
"Artifactory721": ami-068cd684b4d3a3a86
"Artifactory755": ami-068cd684b4d3a3a86 # TODO: Get correct ami
"Jcr721": ami-0e1cef33ea2778bd5
us-west-2:
AMZNLINUXHVM: ami-01460aa81365561fe
"700": ami-000937e944ea194bf
"Artifactory721": ami-0c132dd3640519a35
"Artifactory755": ami-0007155f7b7de9386 # TODO: Get correct ami
"Artifactory773": ami-0a1b8c5bd6ea279b0 # partnership account + seller account
"Jcr721": ami-083542bb4f8afa3db
us-gov-east-1:
AMZNLINUX2: ami-7c2bc80d
"Artifactory755": ami-0732b9134b39caf5c
"Artifactory7102": ami-0f5ce3b2c087a8098
us-gov-west-1:
AMZNLINUX2: ami-a03768c1
"Artifactory755": ami-0b9d3e9ee5ffdc491
ArtifactoryProductMap:
JFrog-Container-Registry:
"720": "Jcr720"
"721": "Jcr721"
"743": "Jcr743"
"7102": "Jcr7102"
product: "jcr"
JFrog-Artifactory-Pro:
"700": "Artifactory700"
"702": "Artifactory702"
"721": "Artifactory721"
"755": "Artifactory755"
"773": "Artifactory773"
"7102": "Artifactory7102"
product: "artifactory"
Resources:
ArtifactoryScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref ArtifactoryLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
TargetGroupARNs:
- !Ref TargetGroupARN
- !Ref SSLTargetGroupARN
- !Ref InternalTargetGroupARN
HealthCheckType: ELB
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT30M
ArtifactoryLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref HostRole # !Ref ArtifactoryHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
artifactory_install:
- "config-artifactory-master"
- "secure-artifactory"
config-artifactory-master:
files:
/root/.jfrog_ami/artifactory.yml:
content: !Sub
- |
# Base install for Artifactory
- import_playbook: site-artifactory.yml
vars:
artifactory_license1: ${ArtifactoryLicense1}
artifactory_license2: ${ArtifactoryLicense2}
artifactory_license3: ${ArtifactoryLicense3}
artifactory_license4: ${ArtifactoryLicense4}
artifactory_license5: ${ArtifactoryLicense5}
artifactory_license6: ${ArtifactoryLicense6}
artifactory_product: ${product}
artifactory_flavour: "{{ 'pro' if '${product}' == 'artifactory' else 'jcr' if '${product}' == 'jcr' }}"
artifactory_server_name: ${ArtifactoryServerName}
server_name: ${ArtifactoryServerName}.${CertificateDomain}
s3_region: ${AWS::Region}
s3_access_key: ${ArtifactoryIamAcessKey}
s3_access_secret_key: ${SecretAccessKey}
s3_bucket: ${ArtifactoryS3Bucket}
certificate: ${Certificate}
certificate_key: ${CertificateKey}
certificate_domain: ${CertificateDomain}
enable_ssl: ${EnableSSL}
ssl_dir: /etc/pki/tls/certs
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: ${DatabaseUrl}
db_user: ${DatabaseUser}
db_password: ${DatabasePassword}
# db_download_url: https://jdbc.postgresql.org/download/postgresql-42.2.12.jar
art_primary: ${ArtifactoryPrimary}
master_key: ${MasterKey}
join_key: ${MasterKey}
extra_java_opts: ${ExtraJavaOptions}
artifactory_version: ${ArtifactoryVersion}
artifactory_keystore:
path: /opt/jfrog/artifactory/app/third-party/java/lib/security/cacerts
default_password: changeit
new_keystore_pass: ${KeystorePassword}
artifactory_java_db_drivers:
- name: ${DatabasePlugin}
url: ${DatabasePluginUrl}
owner: artifactory
group: artifactory
- {
product: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, product]
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
/root/.secureit.sh:
content:
ansible-vault encrypt /root/.jfrog_ami/artifactory.yml --vault-id /root/.vault_pass.txt
mode: "0770"
secure-artifactory:
commands:
'secure ansible playbook':
command: '/root/.secureit.sh'
ignoreErrors: 'false'
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref HostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !FindInMap
- ArtifactoryProductMap
- !Ref ArtifactoryProduct
- !Ref AmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref InstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
# mkdir ~/.artifactory_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.artifactory_ansible/
cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets artifactory_install --region ${AWS::Region} || cfn_fail
export ANSIBLE_VAULT_PASSWORD_FILE="/root/.vault_pass.txt"
setsebool httpd_can_network_connect 1 -P
ansible-playbook /root/.jfrog_ami/artifactory.yml || qs_err " ansible execution failed "
rm -rf /root/.secureit.sh
[ $(qs_status) == 0 ] && cfn_success || cfn_fail
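Review bot: The `config-artifactory-master` file block substitutes `${DatabasePassword}`, `${MasterKey}`, `${SecretAccessKey}`, `${CertificateKey}` and `${AnsibleVaultPass}` into `AWS::CloudFormation::Init` metadata, and `NoEcho` does not mask values placed in the Metadata section, so these secrets are readable in resolved form by any principal allowed to describe the stack resource. Encrypting `artifactory.yml` afterwards with `ansible-vault` does not change that, and `/root/.vault_pass.txt` stays on disk next to the encrypted file (only `/root/.secureit.sh` is removed at the end of UserData). Prefer having the instance fetch these values at boot from a secret store through the role behind `HostProfile` instead of passing them through template metadata, and delete the vault password file once the playbook has run. Separately, most `Artifactory755` entries in `AWSAMIRegionMap` carry `# TODO: Get correct ami` and reuse the `Artifactory721` image ID, and `ArtifactoryProductMap` maps `"743": "Jcr743"` to a key no region defines, so those selections will either deploy a different version than requested or fail the `!FindInMap` lookup.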


@@ -0,0 +1,457 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)'
Metadata:
QuickStartDocumentation:
EntrypointName: "Launch into a new VPC"
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Security configuration
Parameters:
- KeyPairName
- AccessCidr
- RemoteAccessCidr
- Label:
default: Network configuration
Parameters:
- PrivateSubnet1Cidr
- PrivateSubnet2Cidr
- VpcId
- VpcCidr
- PublicSubnet1Id
- PublicSubnet2Id
- PrivateSubnet1Id
- PrivateSubnet2Id
- Label:
default: Amazon EC2 configuration
Parameters:
- VolumeSize
- InstanceType
- Label:
default: JFrog Artifactory configuration
Parameters:
- ArtifactoryVersion
- NumberOfSecondary
- SmLicenseCertName
- ArtifactoryServerName
- MasterKey
- ExtraJavaOptions
- DefaultJavaMemSettings
- KeystorePassword
- AnsibleVaultPass
- Label:
default: Amazon RDS configuration
Parameters:
- DatabaseName
- DatabaseEngine
- DatabaseUser
- DatabasePassword
- DatabaseInstance
- DatabaseAllocatedStorage
- MultiAzDatabase
- Label:
default: JFrog Xray Configuration
Parameters:
- InstallXray
- XrayVersion
- XrayNumberOfInstances
- XrayInstanceType
- XrayDatabaseUser
- XrayDatabasePassword
ParameterLabels:
KeyPairName:
default: SSH key name
PrivateSubnet1Cidr:
default: Private subnet 1 CIDR
PrivateSubnet2Cidr:
default: Private subnet 2 CIDR
AccessCidr:
default: Permitted IP range
RemoteAccessCidr:
default: Remote access CIDR
VpcId:
default: VPC ID
VpcCidr:
default: VPC CIDR
PublicSubnet1Id:
default: Public subnet 1 ID
PublicSubnet2Id:
default: Public subnet 2 ID
PrivateSubnet1Id:
default: Private subnet 1 ID
PrivateSubnet2Id:
default: Private subnet 2 ID
VolumeSize:
default: EBS root volume size
InstanceType:
default: EC2 instance type
NumberOfSecondary:
default: Secondary instances
ArtifactoryVersion:
default: Artifactory version
SmLicenseCertName:
default: Artifactory licenses and certificate secret name
ArtifactoryServerName:
default: Artifactory server name
MasterKey:
default: Master server key
ExtraJavaOptions:
default: Extra Java options
DefaultJavaMemSettings:
default: Default Java memory settings
KeystorePassword:
default: Java key store password
AnsibleVaultPass:
default: Ansible Vault password
DatabaseName:
default: Database name
DatabaseEngine:
default: Database engine
DatabaseUser:
default: Database user
DatabasePassword:
default: Database password
DatabaseInstance:
default: Database instance type
DatabaseAllocatedStorage:
default: Database allocated storage
MultiAzDatabase:
default: High-availability database
InstallXray:
default: Install JFrog Xray
XrayVersion:
default: Version of Xray to install
XrayNumberOfInstances:
default: Number of JFrog XrayNumberOfInstances
XrayInstanceType:
default: Xray instance type
XrayDatabaseUser:
default: Xray Database user
XrayDatabasePassword:
default: Xray Database password
Parameters:
VpcId:
Description: ID of your existing VPC (e.g., vpc-0343606e).
Type: "AWS::EC2::VPC::Id"
VpcCidr:
Description: CIDR block for the VPC.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PublicSubnet1Id:
Description: ID of the public subnet in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab).
Type: "AWS::EC2::Subnet::Id"
PublicSubnet2Id:
Description: ID of the public subnet in Availability Zone 2 of your existing VPC (e.g., subnet-a29c3d84).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet1Id:
Description: ID of the private subnet in Availability Zone 1 of your existing VPC (e.g., subnet-a0246dcd).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet2Id:
Description: ID of the private subnet in Availability Zone 2 of your existing VPC (e.g., subnet-b58c3d67).
Type: "AWS::EC2::Subnet::Id"
KeyPairName:
Description: Name of an existing key pair,
which allows you to connect securely to your instance after it launches.
This is the key pair you created in your preferred Region.
Type: AWS::EC2::KeyPair::KeyName
PrivateSubnet1Cidr:
Description: CIDR block for private subnet 1, located in Availability Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
Description: CIDR block for private subnet 2, located in Availability Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
AccessCidr:
Description: CIDR IP range permitted to access Artifactory.
It is recommended that you set this value to a trusted IP range.
For example, you may want to limit software access to your corporate network.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH.
It is recommended that you set this value to a trusted IP range.
For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
VolumeSize:
Description: Size in gigabytes of available storage (min 10GB). The Quick Start creates an
Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200
Type: Number
InstanceType:
Description: EC2 type for the Artifactory instances.
AllowedValues:
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m5.metal
- m5d.large
- m5d.xlarge
- m5d.2xlarge
- m5d.4xlarge
- m5d.8xlarge
- m5d.12xlarge
- m5d.16xlarge
- m5d.24xlarge
- m5d.metal
- m5a.large
- m5a.xlarge
- m5a.2xlarge
- m5a.4xlarge
- m5a.8xlarge
- m5a.12xlarge
- m5a.16xlarge
- m5a.24xlarge
ConstraintDescription: Must contain valid instance type.
Default: m5.xlarge
Type: String
NumberOfSecondary:
Description: Number of secondary Artifactory servers to complete your
HA deployment. To align with Artifactory best practices, the minimum number
is two, and the maximum is seven. Do not select more instances than you
have licenses for.
AllowedValues:
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7
Default: 2
Type: Number
ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start.
To select the correct version, see the release notes at
https://www.jfrog.com/confluence/display/RTF/Release+Notes.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Artifactory releases.
Default: 7.10.2
Type: String
SmLicenseCertName:
Description: Secret name created in AWS Secrets Manager that contains the SSL certificate, certificate key, and Artifactory licenses.
Default: ''
Type: String
ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate.
Type: String
MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1'
MaxLength: '64'
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true'
Type: String
ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC
Type: String
DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
KeystorePassword:
Description: Java key store password. For better security, the password that you specify will
replace the default Java key store password.
NoEcho: 'true'
Type: String
AnsibleVaultPass:
Description: Ansible Vault password to protect the Artifactory YAML configuration file
generated during the Artifactory deployment. This YAML file is stored on the EC2 nodes
and secured with this password.
NoEcho: 'true'
Type: String
DatabaseName:
Description: Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1'
MaxLength: '60'
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb
Type: String
DatabaseEngine:
Description: Database engine that you want to run.
AllowedValues:
- Postgres
Default: Postgres
Type: String
DatabaseUser:
Description: Login ID for the master user of your database instance.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter.
Default: artifactory
Type: String
DatabasePassword:
Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start.
AllowedValues:
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.10xlarge
- db.m5.16xlarge
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.4xlarge
- db.m5.12xlarge
- db.m5.24xlarge
ConstraintDescription: Must be a valid database Instance Type.
Default: db.m5.large
Type: String
DatabaseAllocatedStorage:
Description: Size in gigabytes of available storage for the database instance.
MinValue: 5
MaxValue: 1024
Default: 10
Type: Number
MultiAzDatabase:
Description: Choose false to create an Amazon RDS instance in a single Availability Zone.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
InstallXray:
Description: Choose true to install JFrog Xray instance(s).
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Xray releases.
Default: 3.10.3
Type: String
XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your
HA deployment. The minimum number is one; the maximum is seven.
Do not select more than instances than you have licenses for.
MinValue: 1
MaxValue: 7
Default: 1
Type: Number
XrayInstanceType:
Description: The EC2 instance type for the Xray instances.
AllowedValues:
- c5.2xlarge
- c5.4xlarge
ConstraintDescription: Must contain valid instance type.
Default: c5.2xlarge
Type: String
XrayDatabaseUser:
Description: The login ID for the Xray database user.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray
Type: String
XrayDatabasePassword:
Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
Resources:
ArtifactoryExistingVpcStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub https://jfrog-aws-test.s3.us-east-1.${AWS::URLSuffix}/artifactory7/v9/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
# TemplateURL: !Sub https://${QsS3BucketName}.s3.${QsS3BucketRegion}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
Parameters:
KeyPairName: !Ref KeyPairName
VpcId: !Ref VpcId
VpcCidr: !Ref VpcCidr
PublicSubnet1Id: !Ref PublicSubnet1Id
PublicSubnet2Id: !Ref PublicSubnet2Id
PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id
PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr
PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr
AccessCidr: !Ref AccessCidr
RemoteAccessCidr: !Ref RemoteAccessCidr
ProvisionBastionHost: "Disabled"
BastionInstanceType: "t3.micro"
BastionRootVolumeSize: 10
BastionEnableTcpForwarding: "true"
BastionEnableX11Forwarding: "false"
BastionOs: "Amazon-Linux2-HVM"
NumBastionHosts: "1"
VolumeSize: !Ref VolumeSize
InstanceType: !Ref InstanceType
NumberOfSecondary: !Ref NumberOfSecondary
ArtifactoryProduct: "JFrog-Artifactory-Pro"
ArtifactoryVersion: !Ref ArtifactoryVersion
SmLicenseCertName: !Ref SmLicenseCertName
ArtifactoryServerName: !Ref ArtifactoryServerName
MasterKey: !Ref MasterKey
ExtraJavaOptions: !Ref ExtraJavaOptions
DefaultJavaMemSettings: !Ref DefaultJavaMemSettings
KeystorePassword: !Ref KeystorePassword
AnsibleVaultPass: !Ref AnsibleVaultPass
DatabaseName: !Ref DatabaseName
DatabaseEngine: !Ref DatabaseEngine
DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword
DatabaseInstance: !Ref DatabaseInstance
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAzDatabase: !Ref MultiAzDatabase
QsS3BucketName: "jfrog-aws-test"
QsS3KeyPrefix: "artifactory7/v9/"
QsS3BucketRegion: "us-east-1"
InstallXray: !Ref InstallXray
XrayVersion: !Ref XrayVersion
XrayNumberOfInstances: !Ref XrayNumberOfInstances
XrayInstanceType: !Ref XrayInstanceType
XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword
Outputs:
ArtifactoryUrl:
Description: URL of the ELB to access Artifactory
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.ArtifactoryUrl}
BastionIp:
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.BastionIp}
Description: Bastion host IP, for admin access via SSH
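Review bot: The nested stack's `TemplateURL` is pinned to the literal bucket `jfrog-aws-test` (path `artifactory7/v9/`), with the parameterised form left commented out on the line below, and `QsS3BucketName`, `QsS3KeyPrefix` and `QsS3BucketRegion` are passed as the same literals further down. Every NoEcho value this template collects (`MasterKey`, `DatabasePassword`, `KeystorePassword`, `AnsibleVaultPass`, `XrayDatabasePassword`) is handed to whatever template sits at that URL at deploy time, so the deployment trusts that one bucket's contents and write permissions. I would declare the three `QsS3*` values as parameters of this template, pass them with `!Ref`, and restore `TemplateURL: !Sub https://${QsS3BucketName}.s3.${QsS3BucketRegion}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-existing-vpc.template.yaml`. If the fixed bucket is intentional for this branch, a comment saying so and naming the bucket's owner would help.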


@@ -0,0 +1,274 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Xray"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
DatabaseDriver:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
MasterKey:
Type: String
NoEcho: 'true'
SecurityGroups:
Type: String
VolumeSize:
Type: Number
XrayHostProfile:
Type: String
XrayHostRole:
Type: String
XrayInstanceType:
Type: String
JfrogInternalUrl:
Type: String
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
XrayDatabaseUser:
Type: String
XrayDatabasePassword:
Type: String
NoEcho: 'true'
XrayMasterDatabaseUrl:
Type: String
XrayDatabaseUrl:
Type: String
XrayFirstNode:
Description: Runs database scripts if this is the first node
Type: String
XrayVersion:
Type: String
XrayAmiId:
Type: String
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
"330": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
"361": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
ap-northeast-2:
"330": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
"361": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
ap-south-1:
"330": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
"361": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
ap-southeast-1:
"330": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
"361": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
ap-southeast-2:
"330": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
"361": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
ca-central-1:
"330": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
"361": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
eu-central-1:
"330": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
"361": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
eu-west-1:
"330": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
"361": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
sa-east-1:
"330": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
"361": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
us-east-1:
"330": ami-0d4d4252cdc2b6f11 # TODO: Get correct ami - provided by market place tem
"361": ami-086fcbf4aa2bd203f # TODO: Get correct ami - provided by market place tem
"386": ami-0becff949aa530956 # partnership account + seller account
"3103": ami-0e19b1335bc3654c3 # seller account (shared with partnership account)
us-east-2:
"330": ami-00a5fcde44618d39b # TODO: Get correct ami - using ami generated by myself - provided by market place tem
"361": ami-005b2ceceac6999ff # TODO: Get correct ami - using ami generated by myself - provided by market place tem
us-west-1:
"330": ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
"361": ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
us-west-2:
"330": ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"361": ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"386": ami-07af1682f09ef4a20 # partnership account + seller account
us-gov-east-1:
"361": ami-001d5cec1e7399f65 # TODO: Get correct ami - provided by market place tem
"3103": ami-08d1d573a758ba6b2
us-gov-west-1:
"361": ami-0eb4eecce8d5bcb80 # TODO: Get correct ami - provided by market place tem
Resources:
XrayScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref XrayLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
HealthCheckType: EC2
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT60M
XrayLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref XrayHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
xray_install:
- "config-xray"
config-xray:
files:
/root/.xray_ami/xray.yml:
content: !Sub
- |
# Base install for Xray
- import_playbook: site-xray.yml
vars:
jfrog_url: ${JfrogInternalUrl}
master_key: ${MasterKey}
join_key: ${MasterKey}
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: postgres://${XrayDatabaseUrl}
db_user: ${XrayDatabaseUser}
db_password: ${XrayDatabasePassword}
xray_version: ${XrayVersion}
- {
product: Xray
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref XrayHostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !Ref XrayAmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref XrayInstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# mkdir ~/.xray_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.xray_ansible/
cfn-init -v --stack ${AWS::StackName} --resource XrayLaunchConfiguration --configsets xray_install --region ${AWS::Region} || cfn_fail
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
if "true" == "${XrayFirstNode}"
then
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE USER ${XrayDatabaseUser} WITH PASSWORD '${XrayDatabasePassword}'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "grant ${XrayDatabaseUser} to ${DatabaseUser}" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE DATABASE xraydb WITH OWNER=${XrayDatabaseUser} ENCODING='UTF8'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "GRANT ALL PRIVILEGES ON DATABASE xraydb TO ${XrayDatabaseUser}" &>> /var/log/userdata.xray_database.log;
fi
ansible-playbook /root/.xray_ami/xray.yml || qs_err " ansible execution failed "
$(qs_status) &> /var/log/qs_status.log
cfn_success &> /var/log/cfn_success.log
[ $(qs_status) == 0 ] && cfn_success || cfn_fail
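Review bot: The four `psql` lines in the `XrayFirstNode` block have `${DatabaseUser}:${DatabasePassword}` and `'${XrayDatabasePassword}'` substituted by `!Sub` directly into UserData, so the NoEcho values are stored in plain text in the launch configuration and instance user data. Because the script runs as `#!/bin/bash -x` with all output sent through `tee /var/log/user-data.log|logger ... 2>/dev/console`, the trace also copies them into that log file, syslog and the console. I would pass only a secret name into UserData and have the instance read the credentials at boot with its instance role (the parent template already takes a Secrets Manager name for licenses), and put `set +x` before and `set -x` after the database commands. The guard `if "true" == "${XrayFirstNode}"` runs the `true` command rather than comparing strings, so the block executes on every node; it should be `if [ "true" == "${XrayFirstNode}" ]`. Separately, `cfn_success &> /var/log/cfn_success.log` calls a function that ends in `exit 0`, so unless `qs_err` has already terminated the script the final `[ $(qs_status) == 0 ]` check is never reached and success is signalled regardless of the playbook result.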


@@ -0,0 +1,378 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh61)'
Parameters:
VpcId:
Type: AWS::EC2::VPC::Id
VpcCidr:
Description: CIDR block for the VPC
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PrivateSubnet1Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
PrivateSubnet3Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.64.0/19
Type: String
SubnetIds:
Type: List<AWS::EC2::Subnet::Id>
DatabaseAllocatedStorage:
Type: Number
MultiAzDatabase:
Type: String
DatabaseEngine:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
NoEcho: 'true'
Type: String
DatabaseInstance:
Type: String
DatabaseName:
Type: String
ArtifactoryS3IAMUser:
NoEcho: 'true'
Type: String
ArtifactoryProduct:
Default: JFrog-Artifactory-Pro
Type: String
ReleaseStage:
Default: GA
Type: String
InstanceType:
Default: m5.xlarge
Type: String
Mappings:
DatabaseMap:
Postgres:
Name: postgresql
DatabaseVersion: 11.5
Driver: "org.postgresql.Driver"
Plugin: postgresql-42.2.9.jar
PluginURL: https://jdbc.postgresql.org/download/
port: "5432"
extraDatabaseOps: ""
ReleaseStageMap:
BETA:
ProDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-pro"
JcrDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-jcr"
NginxDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/nginx-artifactory-pro"
GA:
ProDockerRepo: "docker.bintray.io/jfrog/artifactory-pro"
JcrDockerRepo: "docker.bintray.io/jfrog/artifactory-jcr"
NginxDockerRepo: "docker.bintray.io/jfrog/nginx-artifactory-pro"
ProductMap:
JFrog-Container-Registry:
RepoName: JcrDockerRepo
JFrog-Artifactory-Pro:
RepoName: ProDockerRepo
JavaOptionstoInstance:
m5.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5d.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5d.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5d.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5d.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5d.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5d.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5d.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5a.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5a.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5a.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5a.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5a.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5a.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5a.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5a.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5ad.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5ad.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5ad.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5ad.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5ad.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5ad.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
Resources:
ArtifactoryDatabaseSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Private Subnets available to the RDS Instance(s)
SubnetIds: !Ref SubnetIds
ArtifactoryDatabase:
Type: AWS::RDS::DBInstance
Properties:
AllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAZ: !Ref MultiAzDatabase
Engine: !Ref DatabaseEngine
EngineVersion: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- DatabaseVersion
MasterUsername: !Ref DatabaseUser
MasterUserPassword: !Ref DatabasePassword
DBInstanceClass: !Ref DatabaseInstance
DBName: !Ref DatabaseName
DBSubnetGroupName: !Ref ArtifactoryDatabaseSubnetGroup
VPCSecurityGroups:
- !Ref ArtifactoryDatabaseSG
ArtifactoryDatabaseSG:
Type: AWS::EC2::SecurityGroup
Properties:
Tags:
- Key: Name
Value: artifactory-rds-sg
GroupDescription: SG for RDS Instance to allow communication from the Bastion and Artifactory servers.
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: !Ref VpcCidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet1Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet2Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet3Cidr
SecurityGroupEgress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
ArtifactoryS3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: Private
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
ArtifactoryS3IAMPolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: S3BucketPermissions
PolicyDocument:
Version: 2012-10-17
Statement:
- Sid: S3BucketPermissions
Effect: Allow
Action:
- s3:*
Resource:
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- "/*"
Users:
- !Ref ArtifactoryS3IAMUser
Outputs:
S3Bucket:
Value: !Ref ArtifactoryS3Bucket
Description: Actual S3 bucket created for Artifactory
DatabaseDriver:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabasePlugin:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
DatabasePluginUrl:
Value: !Sub
- "${MainURL}${PluginVersion}"
- {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
}
DatabaseType:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUrl:
Value: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
XrayMasterDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
XrayDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
ProDockerRepo:
Value: !FindInMap
- ReleaseStageMap
- !Ref ReleaseStage
- !FindInMap
- ProductMap
- !Ref ArtifactoryProduct
- RepoName
NginxDockerRepo:
Value: !FindInMap [ReleaseStageMap, !Ref ReleaseStage, NginxDockerRepo]
JavaOpts:
Value: !Sub
- "-Xms${min}g -Xmx${max}g"
- {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max]
}
DeploymentSize:
Value: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, DeploymentSize]
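Review bot: `ArtifactoryDatabase` is declared without `StorageEncrypted`, and the `XrayMasterDatabaseUrl` and `XrayDatabaseUrl` outputs hard-code `?sslmode=disable`, so as written the RDS instance is not encrypted at rest and Xray's connections to it are not encrypted in transit. I would add `StorageEncrypted: true` to the DB instance properties and change the two URLs to `?sslmode=require` (worth confirming that the Xray installer accepts that setting). On the same resource's security group, the port 22 ingress from `VpcCidr` and the 22/80/443 egress to `0.0.0.0/0` do not look like rules an RDS instance needs. If nothing depends on them, dropping them leaves the group admitting only the database port from the three private subnet CIDRs.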


@@ -0,0 +1,417 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Artifactory (qs-1qpmmjh5o)"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
HostRole:
Type: String
AmiId:
Type: String
ArtifactoryProduct:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
ArtifactoryLicense1:
Type: String
ArtifactoryLicense2:
Type: String
ArtifactoryLicense3:
Type: String
ArtifactoryLicense4:
Type: String
ArtifactoryLicense5:
Type: String
ArtifactoryLicense6:
Type: String
ArtifactoryServerName:
Type: String
Certificate:
Type: String
CertificateKey:
Type: String
NoEcho: 'true'
CertificateDomain:
Type: String
EnableSSL:
Type: String
ArtifactoryIamAcessKey:
Type: String
NoEcho: 'true'
SecretAccessKey:
Type: String
NoEcho: 'true'
ArtifactoryS3Bucket:
Type: String
DatabaseUrl:
Type: String
DatabaseDriver:
Type: String
DatabasePluginUrl:
Type: String
DatabasePlugin:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
ArtifactoryPrimary:
Type: String
MasterKey:
Type: String
NoEcho: 'true'
ExtraJavaOptions:
Type: String
ArtifactoryVersion:
Type: String
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
TargetGroupARN:
Type: String
SSLTargetGroupARN:
Type: String
InternalTargetGroupARN:
Type: String
HostProfile:
Type: String
SecurityGroups:
Type: String
InstanceType:
Type: String
VolumeSize:
Type: Number
KeystorePassword:
Description: Default Keystore from Java in which we upgrade.
Type: String
NoEcho: 'true'
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
AMZNLINUXHVM: ami-079e6fb1e856e80c1
"Artifactory721": ami-09dfb20a591375d09
"Artifactory755": ami-09dfb20a591375d09 # TODO: Get correct ami
"Jcr721": ami-0d87bf5404e186c90
ap-northeast-2:
AMZNLINUXHVM: ami-0e4a253fb5f082688
"Artifactory721": ami-0eb86b82de93a34fb
"Artifactory755": ami-0eb86b82de93a34fb # TODO: Get correct ami
"Jcr721": ami-047275320dc0101df
ap-south-1:
AMZNLINUXHVM: ami-01e074f40dfb9999d
"Artifactory721": ami-01b828aa6cc99a322
"Artifactory755": ami-01b828aa6cc99a322 # TODO: Get correct ami
"Jcr721": ami-003e20ccb4b8b1efc
ap-southeast-1:
AMZNLINUXHVM: ami-0d9233e8ce73df7b2
"Artifactory721": ami-04a94cc4dc0d08c98
"Artifactory755": ami-04a94cc4dc0d08c98 # TODO: Get correct ami
"Jcr721": ami-016d81f9a055d84f7
ap-southeast-2:
AMZNLINUXHVM: ami-0c91f97cadcc8499e
"Artifactory721": ami-030871aa8d1f0689e
"Artifactory755": ami-030871aa8d1f0689e # TODO: Get correct ami
"Jcr721": ami-0a257f38f4e17b489
ca-central-1:
AMZNLINUXHVM: ami-003a0ba7ea76b2785
"Artifactory721": ami-0148cebea7bea4aaf
"Artifactory755": ami-0148cebea7bea4aaf # TODO: Get correct ami
"Jcr721": ami-0366fde97d0c9c63c
eu-central-1:
AMZNLINUXHVM: ami-0ab838eeee7f316eb
"Artifactory721": ami-07961f7c210143a42
"Artifactory755": ami-07961f7c210143a42 # TODO: Get correct ami
"Jcr721": ami-025ce18f43dbbee65
eu-west-1:
AMZNLINUXHVM: ami-071f4ce599deff521
"Artifactory721": ami-0171b8d46941b4ca1
"Artifactory755": ami-0171b8d46941b4ca1 # TODO: Get correct ami
"Jcr721": ami-0a0c02357d264c397
sa-east-1:
AMZNLINUXHVM: ami-04b202bf877b5027b
"Artifactory721": ami-0596f196b273bb8a6
"Artifactory755": ami-0596f196b273bb8a6 # TODO: Get correct ami
"Jcr721": ami-0f5f29385fc7cf6a9
us-east-1:
AMZNLINUXHVM : ami-09d069a04349dc3cb
"Artifactory700" : ami-06baee01fb2ef01d2
"Artifactory702" : ami-085b1acc8e8b5b039
"Artifactory721" : ami-0d4d4252cdc2b6f11
"Artifactory755" : ami-07c0a3d7663fcafb9 # TODO: Get correct ami
"Artifactory773" : ami-0e1639df4df532641 # partnership account + seller account
"Artifactory7102": ami-0d3aaf4303a264d04 # seller account (shared with partnership account)
"Jcr720" : ami-05aa02eddf5f692b7
"Jcr721" : ami-04fed5fc210272dfe
"Jcr7102" : ami-0508370f82ef2e50d
"Artifactory7105": ami-0ebadbf3bfd796159 # partnership account
"Jcr7105" : ami-044f911cbd1abfa35 # partnership account
"Artifactory7106": ami-031178f02b6163ccc # seller account (shared with partnership account)
us-east-2:
AMZNLINUXHVM : ami-0d542ef84ec55d71c
"Artifactory721" : ami-0a913af05ccdaa522
"Artifactory755" : ami-05071c07a672ddf54 # TODO: Get correct ami - using ami generated by myself
"Jcr721" : ami-0d50790b8fb747584
"Artifactory7105": ami-0b6cf479cb95fdc0f # partnership account
"Jcr7105" : ami-0b36c6bc47680e08b # partnership account
us-west-1:
AMZNLINUXHVM : ami-04bc3da8f14823e88
"Artifactory721" : ami-068cd684b4d3a3a86
"Artifactory755" : ami-068cd684b4d3a3a86 # TODO: Get correct ami
"Jcr721" : ami-0e1cef33ea2778bd5
"Artifactory7105": ami-08bffb00bf4bcf9e5 # partnership account
"Jcr7105" : ami-0c2c7f6ebd9c5f93a # partnership account
us-west-2:
AMZNLINUXHVM : ami-01460aa81365561fe
"700" : ami-000937e944ea194bf
"Artifactory721" : ami-0c132dd3640519a35
"Artifactory755" : ami-0007155f7b7de9386 # TODO: Get correct ami
"Artifactory773" : ami-0a1b8c5bd6ea279b0 # partnership account + seller account
"Jcr721" : ami-083542bb4f8afa3db
"Artifactory7105": ami-00e814a57b5142b4f # partnership account
"Jcr7105" : ami-0d310395b75af75bd # partnership account
us-gov-east-1:
AMZNLINUX2 : ami-7c2bc80d
"Artifactory755" : ami-0732b9134b39caf5c
"Artifactory7102": ami-0f5ce3b2c087a8098
"Artifactory7105": ami-011a5a1aa6a1e6cf2
us-gov-west-1:
AMZNLINUX2 : ami-a03768c1
"Artifactory755" : ami-0b9d3e9ee5ffdc491
"Artifactory7105": ami-0c42aaa5df6428bd7
ArtifactoryProductMap:
JFrog-Container-Registry:
"720": "Jcr720"
"721": "Jcr721"
"743": "Jcr743"
"7102": "Jcr7102"
"7105": "Jcr7105"
product: "jcr"
JFrog-Artifactory-Pro:
"700": "Artifactory700"
"702": "Artifactory702"
"721": "Artifactory721"
"755": "Artifactory755"
"773": "Artifactory773"
"7102": "Artifactory7102"
"7105": "Artifactory7105"
"7106": "Artifactory7106"
product: "artifactory"
Resources:
ArtifactoryScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref ArtifactoryLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
TargetGroupARNs:
- !Ref TargetGroupARN
- !Ref SSLTargetGroupARN
- !Ref InternalTargetGroupARN
HealthCheckType: ELB
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT30M
ArtifactoryLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref HostRole # !Ref ArtifactoryHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
artifactory_install:
- "config-artifactory-master"
- "secure-artifactory"
config-artifactory-master:
files:
/root/.jfrog_ami/artifactory.yml:
content: !Sub
- |
# Base install for Artifactory
- import_playbook: site-artifactory.yml
vars:
artifactory_license1: ${ArtifactoryLicense1}
artifactory_license2: ${ArtifactoryLicense2}
artifactory_license3: ${ArtifactoryLicense3}
artifactory_license4: ${ArtifactoryLicense4}
artifactory_license5: ${ArtifactoryLicense5}
artifactory_license6: ${ArtifactoryLicense6}
artifactory_product: ${product}
artifactory_flavour: "{{ 'pro' if '${product}' == 'artifactory' else 'jcr' if '${product}' == 'jcr' }}"
artifactory_server_name: ${ArtifactoryServerName}
server_name: ${ArtifactoryServerName}.${CertificateDomain}
s3_region: ${AWS::Region}
s3_access_key: ${ArtifactoryIamAcessKey}
s3_access_secret_key: ${SecretAccessKey}
s3_bucket: ${ArtifactoryS3Bucket}
certificate: ${Certificate}
certificate_key: ${CertificateKey}
certificate_domain: ${CertificateDomain}
enable_ssl: ${EnableSSL}
ssl_dir: /etc/pki/tls/certs
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: ${DatabaseUrl}
db_user: ${DatabaseUser}
db_password: ${DatabasePassword}
# db_download_url: https://jdbc.postgresql.org/download/postgresql-42.2.12.jar
art_primary: ${ArtifactoryPrimary}
master_key: ${MasterKey}
join_key: ${MasterKey}
extra_java_opts: ${ExtraJavaOptions}
artifactory_version: ${ArtifactoryVersion}
artifactory_keystore:
path: /opt/jfrog/artifactory/app/third-party/java/lib/security/cacerts
default_password: changeit
new_keystore_pass: ${KeystorePassword}
artifactory_java_db_drivers:
- name: ${DatabasePlugin}
url: ${DatabasePluginUrl}
owner: artifactory
group: artifactory
- {
product: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, product]
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
/root/.secureit.sh:
content:
ansible-vault encrypt /root/.jfrog_ami/artifactory.yml --vault-id /root/.vault_pass.txt
mode: "0770"
secure-artifactory:
commands:
'secure ansible playbook':
command: '/root/.secureit.sh'
ignoreErrors: 'false'
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref HostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !FindInMap
- ArtifactoryProductMap
- !Ref ArtifactoryProduct
- !Ref AmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref InstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
# mkdir ~/.artifactory_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.artifactory_ansible/
cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets artifactory_install --region ${AWS::Region} || cfn_fail
export ANSIBLE_VAULT_PASSWORD_FILE="/root/.vault_pass.txt"
setsebool httpd_can_network_connect 1 -P
ansible-playbook /root/.jfrog_ami/artifactory.yml || qs_err " ansible execution failed "
rm -rf /root/.secureit.sh
[ $(qs_status) == 0 ] && cfn_success || cfn_fail
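Review bot: The values substituted into `AWS::CloudFormation::Init` for `/root/.jfrog_ami/artifactory.yml` and `/root/.vault_pass.txt` (`DatabasePassword`, `MasterKey`, `SecretAccessKey`, `CertificateKey`, `KeystorePassword`, `AnsibleVaultPass`) are not protected by `NoEcho: 'true'`, because CloudFormation does not mask parameter values rendered into a resource's `Metadata`; a principal that can read the resource metadata (for example through `cloudformation:DescribeStackResource`) sees them in clear text. The `ansible-vault encrypt` step protects only the copy on disk, and the vault password stays beside it in `/root/.vault_pass.txt`, since the user-data script removes only `/root/.secureit.sh`. I would pass just a secret name through the template and have the instance read the values at boot with its instance profile, and add `rm -f /root/.vault_pass.txt` after the `ansible-playbook` line if nothing later on the host needs it. At minimum the metadata block deserves the comment `# NoEcho does not mask values rendered into Metadata; do not place secrets here`.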


@@ -0,0 +1,457 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)'
Metadata:
QuickStartDocumentation:
EntrypointName: "Launch into a new VPC"
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Security configuration
Parameters:
- KeyPairName
- AccessCidr
- RemoteAccessCidr
- Label:
default: Network configuration
Parameters:
- PrivateSubnet1Cidr
- PrivateSubnet2Cidr
- VpcId
- VpcCidr
- PublicSubnet1Id
- PublicSubnet2Id
- PrivateSubnet1Id
- PrivateSubnet2Id
- Label:
default: Amazon EC2 configuration
Parameters:
- VolumeSize
- InstanceType
- Label:
default: JFrog Artifactory configuration
Parameters:
- ArtifactoryVersion
- NumberOfSecondary
- SmLicenseCertName
- ArtifactoryServerName
- MasterKey
- ExtraJavaOptions
- DefaultJavaMemSettings
- KeystorePassword
- AnsibleVaultPass
- Label:
default: Amazon RDS configuration
Parameters:
- DatabaseName
- DatabaseEngine
- DatabaseUser
- DatabasePassword
- DatabaseInstance
- DatabaseAllocatedStorage
- MultiAzDatabase
- Label:
default: JFrog Xray Configuration
Parameters:
- InstallXray
- XrayVersion
- XrayNumberOfInstances
- XrayInstanceType
- XrayDatabaseUser
- XrayDatabasePassword
ParameterLabels:
KeyPairName:
default: SSH key name
PrivateSubnet1Cidr:
default: Private subnet 1 CIDR
PrivateSubnet2Cidr:
default: Private subnet 2 CIDR
AccessCidr:
default: Permitted IP range
RemoteAccessCidr:
default: Remote access CIDR
VpcId:
default: VPC ID
VpcCidr:
default: VPC CIDR
PublicSubnet1Id:
default: Public subnet 1 ID
PublicSubnet2Id:
default: Public subnet 2 ID
PrivateSubnet1Id:
default: Private subnet 1 ID
PrivateSubnet2Id:
default: Private subnet 2 ID
VolumeSize:
default: EBS root volume size
InstanceType:
default: EC2 instance type
NumberOfSecondary:
default: Secondary instances
ArtifactoryVersion:
default: Artifactory version
SmLicenseCertName:
default: Artifactory licenses and certificate secret name
ArtifactoryServerName:
default: Artifactory server name
MasterKey:
default: Master server key
ExtraJavaOptions:
default: Extra Java options
DefaultJavaMemSettings:
default: Default Java memory settings
KeystorePassword:
default: Java key store password
AnsibleVaultPass:
default: Ansible Vault password
DatabaseName:
default: Database name
DatabaseEngine:
default: Database engine
DatabaseUser:
default: Database user
DatabasePassword:
default: Database password
DatabaseInstance:
default: Database instance type
DatabaseAllocatedStorage:
default: Database allocated storage
MultiAzDatabase:
default: High-availability database
InstallXray:
default: Install JFrog Xray
XrayVersion:
default: Version of Xray to install
XrayNumberOfInstances:
default: Number of JFrog XrayNumberOfInstances
XrayInstanceType:
default: Xray instance type
XrayDatabaseUser:
default: Xray Database user
XrayDatabasePassword:
default: Xray Database password
Parameters:
VpcId:
Description: ID of your existing VPC (e.g., vpc-0343606e).
Type: "AWS::EC2::VPC::Id"
VpcCidr:
Description: CIDR block for the VPC.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PublicSubnet1Id:
Description: ID of the public subnet in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab).
Type: "AWS::EC2::Subnet::Id"
PublicSubnet2Id:
Description: ID of the public subnet in Availability Zone 2 of your existing VPC (e.g., subnet-a29c3d84).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet1Id:
Description: ID of the private subnet in Availability Zone 1 of your existing VPC (e.g., subnet-a0246dcd).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet2Id:
Description: ID of the private subnet in Availability Zone 2 of your existing VPC (e.g., subnet-b58c3d67).
Type: "AWS::EC2::Subnet::Id"
KeyPairName:
Description: Name of an existing key pair,
which allows you to connect securely to your instance after it launches.
This is the key pair you created in your preferred Region.
Type: AWS::EC2::KeyPair::KeyName
PrivateSubnet1Cidr:
Description: CIDR block for private subnet 1, located in Availability Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
Description: CIDR block for private subnet 2, located in Availability Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
AccessCidr:
Description: CIDR IP range permitted to access Artifactory.
It is recommended that you set this value to a trusted IP range.
For example, you may want to limit software access to your corporate network.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH.
It is recommended that you set this value to a trusted IP range.
For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
VolumeSize:
Description: Size in gigabytes of available storage (min 10GB). The Quick Start creates an
Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200
Type: Number
InstanceType:
Description: EC2 type for the Artifactory instances.
AllowedValues:
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m5.metal
- m5d.large
- m5d.xlarge
- m5d.2xlarge
- m5d.4xlarge
- m5d.8xlarge
- m5d.12xlarge
- m5d.16xlarge
- m5d.24xlarge
- m5d.metal
- m5a.large
- m5a.xlarge
- m5a.2xlarge
- m5a.4xlarge
- m5a.8xlarge
- m5a.12xlarge
- m5a.16xlarge
- m5a.24xlarge
ConstraintDescription: Must contain valid instance type.
Default: m5.xlarge
Type: String
NumberOfSecondary:
Description: Number of secondary Artifactory servers to complete your
HA deployment. To align with Artifactory best practices, the minimum number
is two, and the maximum is seven. Do not select more instances than you
have licenses for.
AllowedValues:
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7
Default: 2
Type: Number
ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start.
To select the correct version, see the release notes at
https://www.jfrog.com/confluence/display/RTF/Release+Notes.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Artifactory releases.
Default: 7.10.6
Type: String
SmLicenseCertName:
Description: Secret name created in AWS Secrets Manager that contains the SSL certificate, certificate key, and Artifactory licenses.
Default: ''
Type: String
ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate.
Type: String
MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1'
MaxLength: '64'
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true'
Type: String
ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC
Type: String
DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
KeystorePassword:
Description: Java key store password. For better security, the password that you specify will
replace the default Java key store password.
NoEcho: 'true'
Type: String
AnsibleVaultPass:
Description: Ansible Vault password to protect the Artifactory YAML configuration file
generated during the Artifactory deployment. This YAML file is stored on the EC2 nodes
and secured with this password.
NoEcho: 'true'
Type: String
DatabaseName:
Description: Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1'
MaxLength: '60'
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb
Type: String
DatabaseEngine:
Description: Database engine that you want to run.
AllowedValues:
- Postgres
Default: Postgres
Type: String
DatabaseUser:
Description: Login ID for the master user of your database instance.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter.
Default: artifactory
Type: String
DatabasePassword:
Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start.
AllowedValues:
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.10xlarge
- db.m5.16xlarge
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.4xlarge
- db.m5.12xlarge
- db.m5.24xlarge
ConstraintDescription: Must be a valid database Instance Type.
Default: db.m5.large
Type: String
DatabaseAllocatedStorage:
Description: Size in gigabytes of available storage for the database instance.
MinValue: 5
MaxValue: 1024
Default: 10
Type: Number
MultiAzDatabase:
Description: Choose false to create an Amazon RDS instance in a single Availability Zone.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
InstallXray:
Description: Choose true to install JFrog Xray instance(s).
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Xray releases.
Default: 3.11.2
Type: String
XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your
HA deployment. The minimum number is one; the maximum is seven.
Do not select more than instances than you have licenses for.
MinValue: 1
MaxValue: 7
Default: 1
Type: Number
XrayInstanceType:
Description: The EC2 instance type for the Xray instances.
AllowedValues:
- c5.2xlarge
- c5.4xlarge
ConstraintDescription: Must contain valid instance type.
Default: c5.2xlarge
Type: String
XrayDatabaseUser:
Description: The login ID for the Xray database user.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray
Type: String
XrayDatabasePassword:
Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
Resources:
ArtifactoryExistingVpcStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub https://jfrog-aws-test.s3.us-east-1.${AWS::URLSuffix}/artifactory7/v7106/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
# TemplateURL: !Sub https://${QsS3BucketName}.s3.${QsS3BucketRegion}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
Parameters:
KeyPairName: !Ref KeyPairName
VpcId: !Ref VpcId
VpcCidr: !Ref VpcCidr
PublicSubnet1Id: !Ref PublicSubnet1Id
PublicSubnet2Id: !Ref PublicSubnet2Id
PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id
PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr
PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr
AccessCidr: !Ref AccessCidr
RemoteAccessCidr: !Ref RemoteAccessCidr
ProvisionBastionHost: "Disabled"
BastionInstanceType: "t3.micro"
BastionRootVolumeSize: 10
BastionEnableTcpForwarding: "true"
BastionEnableX11Forwarding: "false"
BastionOs: "Amazon-Linux2-HVM"
NumBastionHosts: "1"
VolumeSize: !Ref VolumeSize
InstanceType: !Ref InstanceType
NumberOfSecondary: !Ref NumberOfSecondary
ArtifactoryProduct: "JFrog-Artifactory-Pro"
ArtifactoryVersion: !Ref ArtifactoryVersion
SmLicenseCertName: !Ref SmLicenseCertName
ArtifactoryServerName: !Ref ArtifactoryServerName
MasterKey: !Ref MasterKey
ExtraJavaOptions: !Ref ExtraJavaOptions
DefaultJavaMemSettings: !Ref DefaultJavaMemSettings
KeystorePassword: !Ref KeystorePassword
AnsibleVaultPass: !Ref AnsibleVaultPass
DatabaseName: !Ref DatabaseName
DatabaseEngine: !Ref DatabaseEngine
DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword
DatabaseInstance: !Ref DatabaseInstance
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAzDatabase: !Ref MultiAzDatabase
QsS3BucketName: "jfrog-aws-test"
QsS3KeyPrefix: "artifactory7/v7106/"
QsS3BucketRegion: "us-east-1"
InstallXray: !Ref InstallXray
XrayVersion: !Ref XrayVersion
XrayNumberOfInstances: !Ref XrayNumberOfInstances
XrayInstanceType: !Ref XrayInstanceType
XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword
Outputs:
ArtifactoryUrl:
Description: URL of the ELB to access Artifactory
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.ArtifactoryUrl}
BastionIp:
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.BastionIp}
Description: Bastion host IP, for admin access via SSH
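Review bot: `TemplateURL` in `ArtifactoryExistingVpcStack`, and the `QsS3BucketName`, `QsS3KeyPrefix` and `QsS3BucketRegion` values passed to it, are hard-coded to the `jfrog-aws-test` bucket, so every deployment of this template pulls its nested templates from what the name suggests is a test location, and whoever can write to that bucket decides what gets deployed. The parameterised form is already present as the commented-out line directly below; I would restore it and declare the three `QsS3*` values as parameters of this template, which currently defines none of them. Separately, `MasterKey` accepts `MinLength: '1'` although its description asks for `openssl rand -hex 16` output, so `MinLength: '32'` would match the description. `DatabasePassword` and `XrayDatabasePassword` are capped at `MaxLength: '12'`, and their `AllowedPattern` does not enforce the capital letter that the constraint text promises.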


@@ -0,0 +1,283 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Xray"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
DatabaseDriver:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
MasterKey:
Type: String
NoEcho: 'true'
SecurityGroups:
Type: String
VolumeSize:
Type: Number
XrayHostProfile:
Type: String
XrayHostRole:
Type: String
XrayInstanceType:
Type: String
JfrogInternalUrl:
Type: String
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
XrayDatabaseUser:
Type: String
XrayDatabasePassword:
Type: String
NoEcho: 'true'
XrayMasterDatabaseUrl:
Type: String
XrayDatabaseUrl:
Type: String
XrayFirstNode:
Description: Runs database scripts if this is the first node
Type: String
XrayVersion:
Type: String
XrayAmiId:
Type: String
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
"330": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
"361": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
ap-northeast-2:
"330": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
"361": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
ap-south-1:
"330": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
"361": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
ap-southeast-1:
"330": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
"361": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
ap-southeast-2:
"330": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
"361": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
ca-central-1:
"330": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
"361": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
eu-central-1:
"330": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
"361": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
eu-west-1:
"330": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
"361": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
sa-east-1:
"330": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
"361": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
us-east-1:
"330" : ami-0d4d4252cdc2b6f11 # TODO: Get correct ami - provided by market place tem
"361" : ami-086fcbf4aa2bd203f # TODO: Get correct ami - provided by market place tem
"386" : ami-0becff949aa530956 # partnership account + seller account
"3103": ami-07414bc0b35a8a896 # partnership account (shared with partnership account)
"3112": ami-0819678d7216af530 # seller account (shared with partnership account)
us-east-2:
"330" : ami-00a5fcde44618d39b # TODO: Get correct ami - using ami generated by myself - provided by market place tem
"361" : ami-005b2ceceac6999ff # TODO: Get correct ami - using ami generated by myself - provided by market place tem
"3103": ami-0568749cd3090ebd4 # partnership account (shared with partnership account)
"3112": ami-0819678d7216af530 # to be updated by Marketplace team
us-west-1:
"330" : ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
"361" : ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
"3103": ami-063b22c527b48e209 # partnership account (shared with partnership account)
us-west-2:
"330" : ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"361" : ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"386" : ami-07af1682f09ef4a20 # partnership account + seller account
"3103": ami-081aabd2bb46b1ffc # partnership account (shared with partnership account)
"3112": ami-0819678d7216af530 # to be updated by Marketplace team
us-gov-east-1:
"361" : ami-001d5cec1e7399f65 # TODO: Get correct ami - provided by market place tem
"3103": ami-08ac98f47eb27e2a0 # partnership account
"3112": ami-0819678d7216af530 # to be updated by Marketplace team
us-gov-west-1:
"361" : ami-0eb4eecce8d5bcb80 # TODO: Get correct ami - provided by market place tem
"3103": ami-0cb5c0773d037b57b # partnership account
"3112": ami-0819678d7216af530 # to be updated by Marketplace team
Resources:
XrayScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref XrayLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
HealthCheckType: EC2
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT60M
XrayLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref XrayHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
xray_install:
- "config-xray"
config-xray:
files:
/root/.xray_ami/xray.yml:
content: !Sub
- |
# Base install for Xray
- import_playbook: site-xray.yml
vars:
jfrog_url: ${JfrogInternalUrl}
master_key: ${MasterKey}
join_key: ${MasterKey}
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: postgres://${XrayDatabaseUrl}
db_user: ${XrayDatabaseUser}
db_password: ${XrayDatabasePassword}
xray_version: ${XrayVersion}
- {
product: Xray
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref XrayHostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !Ref XrayAmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref XrayInstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# mkdir ~/.xray_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.xray_ansible/
cfn-init -v --stack ${AWS::StackName} --resource XrayLaunchConfiguration --configsets xray_install --region ${AWS::Region} || cfn_fail
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
if "true" == "${XrayFirstNode}"
then
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE USER ${XrayDatabaseUser} WITH PASSWORD '${XrayDatabasePassword}'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "grant ${XrayDatabaseUser} to ${DatabaseUser}" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE DATABASE xraydb WITH OWNER=${XrayDatabaseUser} ENCODING='UTF8'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "GRANT ALL PRIVILEGES ON DATABASE xraydb TO ${XrayDatabaseUser}" &>> /var/log/userdata.xray_database.log;
fi
ansible-playbook /root/.xray_ami/xray.yml || qs_err " ansible execution failed "
$(qs_status) &> /var/log/qs_status.log
cfn_success &> /var/log/cfn_success.log
[ $(qs_status) == 0 ] && cfn_success || cfn_fail


@@ -0,0 +1,378 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh61)'
Parameters:
VpcId:
Type: AWS::EC2::VPC::Id
VpcCidr:
Description: CIDR block for the VPC
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PrivateSubnet1Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
PrivateSubnet3Cidr:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.64.0/19
Type: String
SubnetIds:
Type: List<AWS::EC2::Subnet::Id>
DatabaseAllocatedStorage:
Type: Number
MultiAzDatabase:
Type: String
DatabaseEngine:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
NoEcho: 'true'
Type: String
DatabaseInstance:
Type: String
DatabaseName:
Type: String
ArtifactoryS3IAMUser:
NoEcho: 'true'
Type: String
ArtifactoryProduct:
Default: JFrog-Artifactory-Pro
Type: String
ReleaseStage:
Default: GA
Type: String
InstanceType:
Default: m5.xlarge
Type: String
Mappings:
DatabaseMap:
Postgres:
Name: postgresql
DatabaseVersion: 11.5
Driver: "org.postgresql.Driver"
Plugin: postgresql-42.2.9.jar
PluginURL: https://jdbc.postgresql.org/download/
port: "5432"
extraDatabaseOps: ""
ReleaseStageMap:
BETA:
ProDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-pro"
JcrDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-jcr"
NginxDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/nginx-artifactory-pro"
GA:
ProDockerRepo: "docker.bintray.io/jfrog/artifactory-pro"
JcrDockerRepo: "docker.bintray.io/jfrog/artifactory-jcr"
NginxDockerRepo: "docker.bintray.io/jfrog/nginx-artifactory-pro"
ProductMap:
JFrog-Container-Registry:
RepoName: JcrDockerRepo
JFrog-Artifactory-Pro:
RepoName: ProDockerRepo
JavaOptionstoInstance:
m5.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5d.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5d.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5d.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5d.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5d.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5d.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5d.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5d.metal:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5a.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5a.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5a.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5a.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5a.8xlarge:
Min: 64
Max: 96
DeploymentSize: Large
m5a.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5a.16xlarge:
Min: 128
Max: 192
DeploymentSize: xxLarge
m5a.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
m5ad.large:
Min: 4
Max: 4
DeploymentSize: xxSmall
m5ad.xlarge:
Min: 8
Max: 12
DeploymentSize: xSmall
m5ad.2xlarge:
Min: 16
Max: 24
DeploymentSize: Small
m5ad.4xlarge:
Min: 32
Max: 48
DeploymentSize: Medium
m5ad.12xlarge:
Min: 96
Max: 144
DeploymentSize: xLarge
m5ad.24xlarge:
Min: 192
Max: 288
DeploymentSize: xxxLarge
Resources:
ArtifactoryDatabaseSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Private Subnets available to the RDS Instance(s)
SubnetIds: !Ref SubnetIds
ArtifactoryDatabase:
Type: AWS::RDS::DBInstance
Properties:
AllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAZ: !Ref MultiAzDatabase
Engine: !Ref DatabaseEngine
EngineVersion: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- DatabaseVersion
MasterUsername: !Ref DatabaseUser
MasterUserPassword: !Ref DatabasePassword
DBInstanceClass: !Ref DatabaseInstance
DBName: !Ref DatabaseName
DBSubnetGroupName: !Ref ArtifactoryDatabaseSubnetGroup
VPCSecurityGroups:
- !Ref ArtifactoryDatabaseSG
ArtifactoryDatabaseSG:
Type: AWS::EC2::SecurityGroup
Properties:
Tags:
- Key: Name
Value: artifactory-rds-sg
GroupDescription: SG for RDS Instance to allow communication from the Bastion and Artifactory servers.
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: !Ref VpcCidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet1Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet2Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
CidrIp: !Ref PrivateSubnet3Cidr
SecurityGroupEgress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
ArtifactoryS3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: Private
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
ArtifactoryS3IAMPolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: S3BucketPermissions
PolicyDocument:
Version: 2012-10-17
Statement:
- Sid: S3BucketPermissions
Effect: Allow
Action:
- s3:*
Resource:
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- Fn::Join:
- ''
- - !Sub "arn:${AWS::Partition}:s3:::"
- !Ref ArtifactoryS3Bucket
- "/*"
Users:
- !Ref ArtifactoryS3IAMUser
Outputs:
S3Bucket:
Value: !Ref ArtifactoryS3Bucket
Description: Actual S3 bucket created for Artifactory
DatabaseDriver:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabasePlugin:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
DatabasePluginUrl:
Value: !Sub
- "${MainURL}${PluginVersion}"
- {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
}
DatabaseType:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUrl:
Value: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
XrayMasterDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
XrayDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
ProDockerRepo:
Value: !FindInMap
- ReleaseStageMap
- !Ref ReleaseStage
- !FindInMap
- ProductMap
- !Ref ArtifactoryProduct
- RepoName
NginxDockerRepo:
Value: !FindInMap [ReleaseStageMap, !Ref ReleaseStage, NginxDockerRepo]
JavaOpts:
Value: !Sub
- "-Xms${min}g -Xmx${max}g"
- {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max]
}
DeploymentSize:
Value: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, DeploymentSize]
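Review bot: The `XrayMasterDatabaseUrl` and `XrayDatabaseUrl` outputs both end in `?sslmode=disable`, so every consumer of these values connects to the RDS instance without TLS, including any client that authenticates as the master `DatabaseUser`. RDS PostgreSQL accepts TLS connections by default, so `sslmode=require` would be the safer value here, assuming the Xray installer accepts it. In the same section `ArtifactoryDatabase` sets no `StorageEncrypted: true` although `ArtifactoryS3Bucket` is encrypted at rest, and `ArtifactoryS3IAMPolicy` grants `s3:*` where the object and list actions Artifactory uses would be enough. The port 22 ingress rule and the 22/80/443 egress rules to `0.0.0.0/0` on `ArtifactoryDatabaseSG` serve no purpose for a group attached only to the database and could be dropped.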


@@ -0,0 +1,414 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Artifactory (qs-1qpmmjh5o)"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
HostRole:
Type: String
AmiId:
Type: String
ArtifactoryProduct:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
ArtifactoryLicense1:
Type: String
ArtifactoryLicense2:
Type: String
ArtifactoryLicense3:
Type: String
ArtifactoryLicense4:
Type: String
ArtifactoryLicense5:
Type: String
ArtifactoryLicense6:
Type: String
ArtifactoryServerName:
Type: String
Certificate:
Type: String
CertificateKey:
Type: String
NoEcho: 'true'
CertificateDomain:
Type: String
EnableSSL:
Type: String
ArtifactoryIamAcessKey:
Type: String
NoEcho: 'true'
SecretAccessKey:
Type: String
NoEcho: 'true'
ArtifactoryS3Bucket:
Type: String
DatabaseUrl:
Type: String
DatabaseDriver:
Type: String
DatabasePluginUrl:
Type: String
DatabasePlugin:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
ArtifactoryPrimary:
Type: String
MasterKey:
Type: String
NoEcho: 'true'
ExtraJavaOptions:
Type: String
ArtifactoryVersion:
Type: String
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
TargetGroupARN:
Type: String
SSLTargetGroupARN:
Type: String
InternalTargetGroupARN:
Type: String
HostProfile:
Type: String
SecurityGroups:
Type: String
InstanceType:
Type: String
VolumeSize:
Type: Number
KeystorePassword:
Description: Default Keystore from Java in which we upgrade.
Type: String
NoEcho: 'true'
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
AMZNLINUXHVM: ami-079e6fb1e856e80c1
"Artifactory721": ami-09dfb20a591375d09
"Artifactory755": ami-09dfb20a591375d09 # TODO: Get correct ami
"Jcr721": ami-0d87bf5404e186c90
ap-northeast-2:
AMZNLINUXHVM: ami-0e4a253fb5f082688
"Artifactory721": ami-0eb86b82de93a34fb
"Artifactory755": ami-0eb86b82de93a34fb # TODO: Get correct ami
"Jcr721": ami-047275320dc0101df
ap-south-1:
AMZNLINUXHVM: ami-01e074f40dfb9999d
"Artifactory721": ami-01b828aa6cc99a322
"Artifactory755": ami-01b828aa6cc99a322 # TODO: Get correct ami
"Jcr721": ami-003e20ccb4b8b1efc
ap-southeast-1:
AMZNLINUXHVM: ami-0d9233e8ce73df7b2
"Artifactory721": ami-04a94cc4dc0d08c98
"Artifactory755": ami-04a94cc4dc0d08c98 # TODO: Get correct ami
"Jcr721": ami-016d81f9a055d84f7
ap-southeast-2:
AMZNLINUXHVM: ami-0c91f97cadcc8499e
"Artifactory721": ami-030871aa8d1f0689e
"Artifactory755": ami-030871aa8d1f0689e # TODO: Get correct ami
"Jcr721": ami-0a257f38f4e17b489
ca-central-1:
AMZNLINUXHVM: ami-003a0ba7ea76b2785
"Artifactory721": ami-0148cebea7bea4aaf
"Artifactory755": ami-0148cebea7bea4aaf # TODO: Get correct ami
"Jcr721": ami-0366fde97d0c9c63c
eu-central-1:
AMZNLINUXHVM: ami-0ab838eeee7f316eb
"Artifactory721": ami-07961f7c210143a42
"Artifactory755": ami-07961f7c210143a42 # TODO: Get correct ami
"Jcr721": ami-025ce18f43dbbee65
eu-west-1:
AMZNLINUXHVM: ami-071f4ce599deff521
"Artifactory721": ami-0171b8d46941b4ca1
"Artifactory755": ami-0171b8d46941b4ca1 # TODO: Get correct ami
"Jcr721": ami-0a0c02357d264c397
sa-east-1:
AMZNLINUXHVM: ami-04b202bf877b5027b
"Artifactory721": ami-0596f196b273bb8a6
"Artifactory755": ami-0596f196b273bb8a6 # TODO: Get correct ami
"Jcr721": ami-0f5f29385fc7cf6a9
us-east-1:
AMZNLINUXHVM: ami-09d069a04349dc3cb
"Artifactory700": ami-06baee01fb2ef01d2
"Artifactory702": ami-085b1acc8e8b5b039
"Artifactory721": ami-0d4d4252cdc2b6f11
"Artifactory755": ami-07c0a3d7663fcafb9 # TODO: Get correct ami
"Artifactory773": ami-0e1639df4df532641 # partnership account + seller account
"Artifactory7102": ami-0d3aaf4303a264d04 # seller account (shared with partnership account)
"Jcr720": ami-05aa02eddf5f692b7
"Jcr721": ami-04fed5fc210272dfe
"Jcr7102": ami-0508370f82ef2e50d
"Artifactory7112": ami-06347e9dbfce687da # seller account (shared with partnership account)
"Jcr7112": ami-0a3b81d0aa82189e2 # seller account (shared with partnership account)
us-east-2:
AMZNLINUXHVM: ami-0d542ef84ec55d71c
"Artifactory721": ami-0a913af05ccdaa522
"Artifactory755": ami-05071c07a672ddf54 # TODO: Get correct ami - using ami generated by myself
"Jcr721": ami-0d50790b8fb747584
"Artifactory7112": ami-0f3dcf9fd88a904bc # seller account (shared with partnership account)
"Jcr7112": ami-0336bdc0bc6e84abd # seller account (shared with partnership account)
us-west-1:
AMZNLINUXHVM: ami-04bc3da8f14823e88
"Artifactory721": ami-068cd684b4d3a3a86
"Artifactory755": ami-068cd684b4d3a3a86 # TODO: Get correct ami
"Jcr721": ami-0e1cef33ea2778bd5
"Artifactory7112": ami-0882ea734a2fa8b73 # seller account (shared with partnership account)
"Jcr7112": ami-0210d128df9b0bc6a # seller account (shared with partnership account)
us-west-2:
AMZNLINUXHVM: ami-01460aa81365561fe
"700": ami-000937e944ea194bf
"Artifactory721": ami-0c132dd3640519a35
"Artifactory755": ami-0007155f7b7de9386 # TODO: Get correct ami
"Artifactory773": ami-0a1b8c5bd6ea279b0 # partnership account + seller account
"Jcr721": ami-083542bb4f8afa3db
"Artifactory7112": ami-0474ab36192013bbd # seller account (shared with partnership account)
"Jcr7112": ami-0f6670c5db60d15b0 # seller account (shared with partnership account)
us-gov-east-1:
AMZNLINUX2: ami-7c2bc80d
"Artifactory755": ami-0732b9134b39caf5c
"Artifactory7102": ami-0f5ce3b2c087a8098
"Artifactory7112": ami-0bd6c2a94850b75f0
us-gov-west-1:
AMZNLINUX2: ami-a03768c1
"Artifactory755": ami-0b9d3e9ee5ffdc491
ArtifactoryProductMap:
JFrog-Container-Registry:
"720": "Jcr720"
"721": "Jcr721"
"743": "Jcr743"
"7102": "Jcr7102"
"7112": "Jcr7112"
product: "jcr"
JFrog-Artifactory-Pro:
"700": "Artifactory700"
"702": "Artifactory702"
"721": "Artifactory721"
"755": "Artifactory755"
"773": "Artifactory773"
"7102": "Artifactory7102"
"7112": "Artifactory7112"
product: "artifactory"
Resources:
ArtifactoryScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref ArtifactoryLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
TargetGroupARNs:
- !Ref TargetGroupARN
- !Ref SSLTargetGroupARN
- !Ref InternalTargetGroupARN
HealthCheckType: ELB
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT30M
ArtifactoryLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref HostRole # !Ref ArtifactoryHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
artifactory_install:
- "config-artifactory-master"
- "secure-artifactory"
config-artifactory-master:
files:
/root/.jfrog_ami/artifactory.yml:
content: !Sub
- |
# Base install for Artifactory
- import_playbook: site-artifactory.yml
vars:
artifactory_license1: ${ArtifactoryLicense1}
artifactory_license2: ${ArtifactoryLicense2}
artifactory_license3: ${ArtifactoryLicense3}
artifactory_license4: ${ArtifactoryLicense4}
artifactory_license5: ${ArtifactoryLicense5}
artifactory_license6: ${ArtifactoryLicense6}
artifactory_product: ${product}
artifactory_flavour: "{{ 'pro' if '${product}' == 'artifactory' else 'jcr' if '${product}' == 'jcr' }}"
artifactory_server_name: ${ArtifactoryServerName}
server_name: ${ArtifactoryServerName}.${CertificateDomain}
s3_region: ${AWS::Region}
s3_access_key: ${ArtifactoryIamAcessKey}
s3_access_secret_key: ${SecretAccessKey}
s3_bucket: ${ArtifactoryS3Bucket}
certificate: ${Certificate}
certificate_key: ${CertificateKey}
certificate_domain: ${CertificateDomain}
enable_ssl: ${EnableSSL}
ssl_dir: /etc/pki/tls/certs
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: ${DatabaseUrl}
db_user: ${DatabaseUser}
db_password: ${DatabasePassword}
# db_download_url: https://jdbc.postgresql.org/download/postgresql-42.2.12.jar
art_primary: ${ArtifactoryPrimary}
master_key: ${MasterKey}
join_key: ${MasterKey}
extra_java_opts: ${ExtraJavaOptions}
artifactory_version: ${ArtifactoryVersion}
artifactory_keystore:
path: /opt/jfrog/artifactory/app/third-party/java/lib/security/cacerts
default_password: changeit
new_keystore_pass: ${KeystorePassword}
artifactory_java_db_drivers:
- name: ${DatabasePlugin}
url: ${DatabasePluginUrl}
owner: artifactory
group: artifactory
- {
product: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, product]
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
/root/.secureit.sh:
content:
ansible-vault encrypt /root/.jfrog_ami/artifactory.yml --vault-id /root/.vault_pass.txt
mode: "0770"
secure-artifactory:
commands:
'secure ansible playbook':
command: '/root/.secureit.sh'
ignoreErrors: 'false'
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref HostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !FindInMap
- ArtifactoryProductMap
- !Ref ArtifactoryProduct
- !Ref AmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref InstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
# mkdir ~/.artifactory_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.artifactory_ansible/
cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets artifactory_install --region ${AWS::Region} || cfn_fail
export ANSIBLE_VAULT_PASSWORD_FILE="/root/.vault_pass.txt"
setsebool httpd_can_network_connect 1 -P
ansible-playbook /root/.jfrog_ami/artifactory.yml || qs_err " ansible execution failed "
rm -rf /root/.secureit.sh
[ $(qs_status) == 0 ] && cfn_success || cfn_fail
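Review bot: The `NoEcho` parameters (`DatabasePassword`, `SecretAccessKey`, `CertificateKey`, `MasterKey`, `KeystorePassword`, `AnsibleVaultPass`) are substituted into the `AWS::CloudFormation::Init` metadata of `ArtifactoryLaunchConfiguration`, and CloudFormation does not mask `NoEcho` values placed in resource metadata. They should therefore be readable by any principal allowed to describe the stack resource, which includes the instance role that `cfn-init` runs under. The parent template already takes `SmLicenseCertName` for a Secrets Manager secret, so the playbook could fetch these values from Secrets Manager at boot instead of receiving them through `!Sub`. The `ansible-vault encrypt` step also gives little protection on the host, because `/root/.vault_pass.txt` stays next to the encrypted file and only `/root/.secureit.sh` is removed; adding `rm -f /root/.vault_pass.txt` after the `ansible-playbook` line would close that, provided nothing re-runs the playbook later. The `${...}` values are also inserted unquoted, so a password that starts with a YAML indicator such as `{` or `*` (which the `DatabasePassword` pattern allows) would break or change the rendered playbook.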


@@ -0,0 +1,457 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)'
Metadata:
QuickStartDocumentation:
EntrypointName: "Launch into a new VPC"
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Security configuration
Parameters:
- KeyPairName
- AccessCidr
- RemoteAccessCidr
- Label:
default: Network configuration
Parameters:
- PrivateSubnet1Cidr
- PrivateSubnet2Cidr
- VpcId
- VpcCidr
- PublicSubnet1Id
- PublicSubnet2Id
- PrivateSubnet1Id
- PrivateSubnet2Id
- Label:
default: Amazon EC2 configuration
Parameters:
- VolumeSize
- InstanceType
- Label:
default: JFrog Artifactory configuration
Parameters:
- ArtifactoryVersion
- NumberOfSecondary
- SmLicenseCertName
- ArtifactoryServerName
- MasterKey
- ExtraJavaOptions
- DefaultJavaMemSettings
- KeystorePassword
- AnsibleVaultPass
- Label:
default: Amazon RDS configuration
Parameters:
- DatabaseName
- DatabaseEngine
- DatabaseUser
- DatabasePassword
- DatabaseInstance
- DatabaseAllocatedStorage
- MultiAzDatabase
- Label:
default: JFrog Xray Configuration
Parameters:
- InstallXray
- XrayVersion
- XrayNumberOfInstances
- XrayInstanceType
- XrayDatabaseUser
- XrayDatabasePassword
ParameterLabels:
KeyPairName:
default: SSH key name
PrivateSubnet1Cidr:
default: Private subnet 1 CIDR
PrivateSubnet2Cidr:
default: Private subnet 2 CIDR
AccessCidr:
default: Permitted IP range
RemoteAccessCidr:
default: Remote access CIDR
VpcId:
default: VPC ID
VpcCidr:
default: VPC CIDR
PublicSubnet1Id:
default: Public subnet 1 ID
PublicSubnet2Id:
default: Public subnet 2 ID
PrivateSubnet1Id:
default: Private subnet 1 ID
PrivateSubnet2Id:
default: Private subnet 2 ID
VolumeSize:
default: EBS root volume size
InstanceType:
default: EC2 instance type
NumberOfSecondary:
default: Secondary instances
ArtifactoryVersion:
default: Artifactory version
SmLicenseCertName:
default: Artifactory licenses and certificate secret name
ArtifactoryServerName:
default: Artifactory server name
MasterKey:
default: Master server key
ExtraJavaOptions:
default: Extra Java options
DefaultJavaMemSettings:
default: Default Java memory settings
KeystorePassword:
default: Java key store password
AnsibleVaultPass:
default: Ansible Vault password
DatabaseName:
default: Database name
DatabaseEngine:
default: Database engine
DatabaseUser:
default: Database user
DatabasePassword:
default: Database password
DatabaseInstance:
default: Database instance type
DatabaseAllocatedStorage:
default: Database allocated storage
MultiAzDatabase:
default: High-availability database
InstallXray:
default: Install JFrog Xray
XrayVersion:
default: Version of Xray to install
XrayNumberOfInstances:
default: Number of JFrog XrayNumberOfInstances
XrayInstanceType:
default: Xray instance type
XrayDatabaseUser:
default: Xray Database user
XrayDatabasePassword:
default: Xray Database password
Parameters:
VpcId:
Description: ID of your existing VPC (e.g., vpc-0343606e).
Type: "AWS::EC2::VPC::Id"
VpcCidr:
Description: CIDR block for the VPC.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
PublicSubnet1Id:
Description: ID of the public subnet in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab).
Type: "AWS::EC2::Subnet::Id"
PublicSubnet2Id:
Description: ID of the public subnet in Availability Zone 2 of your existing VPC (e.g., subnet-a29c3d84).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet1Id:
Description: ID of the private subnet in Availability Zone 1 of your existing VPC (e.g., subnet-a0246dcd).
Type: "AWS::EC2::Subnet::Id"
PrivateSubnet2Id:
Description: ID of the private subnet in Availability Zone 2 of your existing VPC (e.g., subnet-b58c3d67).
Type: "AWS::EC2::Subnet::Id"
KeyPairName:
Description: Name of an existing key pair,
which allows you to connect securely to your instance after it launches.
This is the key pair you created in your preferred Region.
Type: AWS::EC2::KeyPair::KeyName
PrivateSubnet1Cidr:
Description: CIDR block for private subnet 1, located in Availability Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
Description: CIDR block for private subnet 2, located in Availability Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
AccessCidr:
Description: CIDR IP range permitted to access Artifactory.
It is recommended that you set this value to a trusted IP range.
For example, you may want to limit software access to your corporate network.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH.
It is recommended that you set this value to a trusted IP range.
For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
VolumeSize:
Description: Size in gigabytes of available storage (min 10GB). The Quick Start creates an
Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200
Type: Number
InstanceType:
Description: EC2 type for the Artifactory instances.
AllowedValues:
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m5.metal
- m5d.large
- m5d.xlarge
- m5d.2xlarge
- m5d.4xlarge
- m5d.8xlarge
- m5d.12xlarge
- m5d.16xlarge
- m5d.24xlarge
- m5d.metal
- m5a.large
- m5a.xlarge
- m5a.2xlarge
- m5a.4xlarge
- m5a.8xlarge
- m5a.12xlarge
- m5a.16xlarge
- m5a.24xlarge
ConstraintDescription: Must contain valid instance type.
Default: m5.xlarge
Type: String
NumberOfSecondary:
Description: Number of secondary Artifactory servers to complete your
HA deployment. To align with Artifactory best practices, the minimum number
is two, and the maximum is seven. Do not select more instances than you
have licenses for.
AllowedValues:
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7
Default: 2
Type: Number
ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start.
To select the correct version, see the release notes at
https://www.jfrog.com/confluence/display/RTF/Release+Notes.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Artifactory releases.
Default: 7.11.2
Type: String
SmLicenseCertName:
Description: Secret name created in AWS Secrets Manager that contains the SSL certificate, certificate key, and Artifactory licenses.
Default: ''
Type: String
ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate.
Type: String
MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1'
MaxLength: '64'
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true'
Type: String
ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC
Type: String
DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
KeystorePassword:
Description: Java key store password. For better security, the password that you specify will
replace the default Java key store password.
NoEcho: 'true'
Type: String
AnsibleVaultPass:
Description: Ansible Vault password to protect the Artifactory YAML configuration file
generated during the Artifactory deployment. This YAML file is stored on the EC2 nodes
and secured with this password.
NoEcho: 'true'
Type: String
DatabaseName:
Description: Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1'
MaxLength: '60'
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb
Type: String
DatabaseEngine:
Description: Database engine that you want to run.
AllowedValues:
- Postgres
Default: Postgres
Type: String
DatabaseUser:
Description: Login ID for the master user of your database instance.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter.
Default: artifactory
Type: String
DatabasePassword:
Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start.
AllowedValues:
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.10xlarge
- db.m5.16xlarge
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.4xlarge
- db.m5.12xlarge
- db.m5.24xlarge
ConstraintDescription: Must be a valid database Instance Type.
Default: db.m5.large
Type: String
DatabaseAllocatedStorage:
Description: Size in gigabytes of available storage for the database instance.
MinValue: 5
MaxValue: 1024
Default: 10
Type: Number
MultiAzDatabase:
Description: Choose false to create an Amazon RDS instance in a single Availability Zone.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
InstallXray:
Description: Choose true to install JFrog Xray instance(s).
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Xray releases.
Default: 3.11.2
Type: String
XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your
HA deployment. The minimum number is one; the maximum is seven.
Do not select more than instances than you have licenses for.
MinValue: 1
MaxValue: 7
Default: 1
Type: Number
XrayInstanceType:
Description: The EC2 instance type for the Xray instances.
AllowedValues:
- c5.2xlarge
- c5.4xlarge
ConstraintDescription: Must contain valid instance type.
Default: c5.2xlarge
Type: String
XrayDatabaseUser:
Description: The login ID for the Xray database user.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray
Type: String
XrayDatabasePassword:
Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
Resources:
ArtifactoryExistingVpcStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub https://jfrog-aws-test.s3.us-east-1.${AWS::URLSuffix}/artifactory7/v7112/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
# TemplateURL: !Sub https://jfrog-aws-test.s3.us-east-1.${AWS::URLSuffix}/artifactory7/v7112/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
Parameters:
KeyPairName: !Ref KeyPairName
VpcId: !Ref VpcId
VpcCidr: !Ref VpcCidr
PublicSubnet1Id: !Ref PublicSubnet1Id
PublicSubnet2Id: !Ref PublicSubnet2Id
PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id
PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr
PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr
AccessCidr: !Ref AccessCidr
RemoteAccessCidr: !Ref RemoteAccessCidr
ProvisionBastionHost: "Disabled"
BastionInstanceType: "t3.micro"
BastionRootVolumeSize: 10
BastionEnableTcpForwarding: "true"
BastionEnableX11Forwarding: "false"
BastionOs: "Amazon-Linux2-HVM"
NumBastionHosts: "1"
VolumeSize: !Ref VolumeSize
InstanceType: !Ref InstanceType
NumberOfSecondary: !Ref NumberOfSecondary
ArtifactoryProduct: "JFrog-Artifactory-Pro"
ArtifactoryVersion: !Ref ArtifactoryVersion
SmLicenseCertName: !Ref SmLicenseCertName
ArtifactoryServerName: !Ref ArtifactoryServerName
MasterKey: !Ref MasterKey
ExtraJavaOptions: !Ref ExtraJavaOptions
DefaultJavaMemSettings: !Ref DefaultJavaMemSettings
KeystorePassword: !Ref KeystorePassword
AnsibleVaultPass: !Ref AnsibleVaultPass
DatabaseName: !Ref DatabaseName
DatabaseEngine: !Ref DatabaseEngine
DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword
DatabaseInstance: !Ref DatabaseInstance
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAzDatabase: !Ref MultiAzDatabase
QsS3BucketName: "jfrog-aws-test"
QsS3KeyPrefix: "artifactory7/v7112/"
QsS3BucketRegion: "us-east-1"
InstallXray: !Ref InstallXray
XrayVersion: !Ref XrayVersion
XrayNumberOfInstances: !Ref XrayNumberOfInstances
XrayInstanceType: !Ref XrayInstanceType
XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword
Outputs:
ArtifactoryUrl:
Description: URL of the ELB to access Artifactory
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.ArtifactoryUrl}
BastionIp:
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.BastionIp}
Description: Bastion host IP, for admin access via SSH


@@ -0,0 +1,279 @@
AWSTemplateFormatVersion: "2010-09-09"
Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Xray"
Parameters:
PrivateSubnet1Id:
Type: 'AWS::EC2::Subnet::Id'
PrivateSubnet2Id:
Type: 'AWS::EC2::Subnet::Id'
KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
MinScalingNodes:
Type: Number
MaxScalingNodes:
Type: Number
DeploymentTag:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
DatabaseDriver:
Type: String
DatabaseType:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
Type: String
NoEcho: 'true'
MasterKey:
Type: String
NoEcho: 'true'
SecurityGroups:
Type: String
VolumeSize:
Type: Number
XrayHostProfile:
Type: String
XrayHostRole:
Type: String
XrayInstanceType:
Type: String
JfrogInternalUrl:
Type: String
AnsibleVaultPass:
Description: Ansiblevault Password to secure the artifactory.yml
Type: String
NoEcho: 'true'
XrayDatabaseUser:
Type: String
XrayDatabasePassword:
Type: String
NoEcho: 'true'
XrayMasterDatabaseUrl:
Type: String
XrayDatabaseUrl:
Type: String
XrayFirstNode:
Description: Runs database scripts if this is the first node
Type: String
XrayVersion:
Type: String
XrayAmiId:
Type: String
# To populate additional mappings use the following with the desired --region
# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
Mappings:
AWSAMIRegionMap:
ap-northeast-1:
"330": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
"361": ami-09dfb20a591375d09 # TODO: Get correct ami - provided by market place tem
ap-northeast-2:
"330": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
"361": ami-0eb86b82de93a34fb # TODO: Get correct ami - provided by market place tem
ap-south-1:
"330": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
"361": ami-01b828aa6cc99a322 # TODO: Get correct ami - provided by market place tem
ap-southeast-1:
"330": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
"361": ami-04a94cc4dc0d08c98 # TODO: Get correct ami - provided by market place tem
ap-southeast-2:
"330": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
"361": ami-030871aa8d1f0689e # TODO: Get correct ami - provided by market place tem
ca-central-1:
"330": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
"361": ami-0148cebea7bea4aaf # TODO: Get correct ami - provided by market place tem
eu-central-1:
"330": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
"361": ami-07961f7c210143a42 # TODO: Get correct ami - provided by market place tem
eu-west-1:
"330": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
"361": ami-0171b8d46941b4ca1 # TODO: Get correct ami - provided by market place tem
sa-east-1:
"330": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
"361": ami-0596f196b273bb8a6 # TODO: Get correct ami - provided by market place tem
us-east-1:
"330": ami-0d4d4252cdc2b6f11 # TODO: Get correct ami - provided by market place tem
"361": ami-086fcbf4aa2bd203f # TODO: Get correct ami - provided by market place tem
"386": ami-0becff949aa530956 # partnership account + seller account
"3103": ami-0e19b1335bc3654c3 # seller account (shared with partnership account)
"3112": ami-0819678d7216af530 # seller account (shared with partnership account)
us-east-2:
"330": ami-00a5fcde44618d39b # TODO: Get correct ami - using ami generated by myself - provided by market place tem
"361": ami-005b2ceceac6999ff # TODO: Get correct ami - using ami generated by myself - provided by market place tem
"3112": ami-0bd793595d742f794 # seller account (shared with partnership account)
us-west-1:
"330": ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
"361": ami-068cd684b4d3a3a86 # TODO: Get correct ami - provided by market place tem
"3112": ami-012cc5d182bd3bd2b # seller account (shared with partnership account)
us-west-2:
"330": ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"361": ami-03d60da4c8a146a55 # TODO: Get correct ami - provided by market place tem
"386": ami-07af1682f09ef4a20 # partnership account + seller account
"3112": ami-0b2006b832e129368 # seller account (shared with partnership account)
us-gov-east-1:
"361": ami-001d5cec1e7399f65 # TODO: Get correct ami - provided by market place tem
"3103": ami-08d1d573a758ba6b2
"3112": ami-06e7ce8983a50fd9c
us-gov-west-1:
"361": ami-0eb4eecce8d5bcb80 # TODO: Get correct ami - provided by market place tem
Resources:
XrayScalingGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
LaunchConfigurationName: !Ref XrayLaunchConfiguration
VPCZoneIdentifier:
- !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id
MinSize: !Ref MinScalingNodes
MaxSize: !Ref MaxScalingNodes
Cooldown: '300'
DesiredCapacity: !Ref MinScalingNodes
HealthCheckType: EC2
HealthCheckGracePeriod: 900
Tags:
- Key: Name
Value: !Ref DeploymentTag
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT60M
XrayLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
'AWS::CloudFormation::Authentication':
S3AccessCreds:
type: S3
roleName:
- !Ref XrayHostRole
buckets:
- !Ref QsS3BucketName
'AWS::CloudFormation::Init':
configSets:
xray_install:
- "config-xray"
config-xray:
files:
/root/.xray_ami/xray.yml:
content: !Sub
- |
# Base install for Xray
- import_playbook: site-xray.yml
vars:
jfrog_url: ${JfrogInternalUrl}
master_key: ${MasterKey}
join_key: ${MasterKey}
db_type: ${DatabaseType}
db_driver: ${DatabaseDriver}
db_url: postgres://${XrayDatabaseUrl}
db_user: ${XrayDatabaseUser}
db_password: ${XrayDatabasePassword}
xray_version: ${XrayVersion}
- {
product: Xray
}
mode: "0400"
/root/.vault_pass.txt:
content: !Sub |
${AnsibleVaultPass}
mode: "0400"
Properties:
AssociatePublicIpAddress: false
KeyName: !Ref KeyPairName
IamInstanceProfile: !Ref XrayHostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !Ref XrayAmiId
SecurityGroups:
- !Ref SecurityGroups
InstanceType: !Ref XrayInstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
VolumeType: gp2
DeleteOnTermination: true
UserData:
'Fn::Base64':
!Sub |
#!/bin/bash -x
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
#CFN Functions
function cfn_fail
{
cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 1
}
function cfn_success
{
cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup
exit 0
}
S3URI=${QsS3Uri}
# yum install -y git
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
echo \'[Cloning: Load QuickStart Common Utils]\'
# git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git
source /quickstart-linux-utilities/quickstart-cfn-tools.source
echo \'[Loaded: Load QuickStart Common Utils]\'
echo \'[Update Operating System]\'
qs_update-os || qs_err
qs_bootstrap_pip || qs_err
qs_aws-cfn-bootstrap || qs_err
source ~/venv/bin/activate &> /var/log/userdata.activate_venv.log || qs_err " activate venv failed "
# mkdir ~/.xray_ansible
# aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.xray_ansible/
cfn-init -v --stack ${AWS::StackName} --resource XrayLaunchConfiguration --configsets xray_install --region ${AWS::Region} || cfn_fail
# CentOS cloned virtual machines do not create a new machine id
# https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/
rm -f /etc/machine-id
systemd-machine-id-setup
if "true" == "${XrayFirstNode}"
then
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE USER ${XrayDatabaseUser} WITH PASSWORD '${XrayDatabasePassword}'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "grant ${XrayDatabaseUser} to ${DatabaseUser}" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "CREATE DATABASE xraydb WITH OWNER=${XrayDatabaseUser} ENCODING='UTF8'" &>> /var/log/userdata.xray_database.log;
psql postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} -c "GRANT ALL PRIVILEGES ON DATABASE xraydb TO ${XrayDatabaseUser}" &>> /var/log/userdata.xray_database.log;
fi
ansible-playbook /root/.xray_ami/xray.yml || qs_err " ansible execution failed "
$(qs_status) &> /var/log/qs_status.log
cfn_success &> /var/log/cfn_success.log
[ $(qs_status) == 0 ] && cfn_success || cfn_fail
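Review bot: The UserData script runs under `#!/bin/bash -x` with all output teed to /var/log/user-data.log, the `user-data` syslog tag and /dev/console, so the four `psql postgresql://${DatabaseUser}:${DatabasePassword}@...` calls and the `CREATE USER ... WITH PASSWORD '${XrayDatabasePassword}'` statement are traced with the substituted secrets in clear text. `NoEcho` on the parameters does not cover this, because `!Sub` expands the values into the launch configuration's user data and into the process arguments. I would drop `-x` from the shebang or bracket the database block with `set +x` / `set -x`, and hand the password to psql through the `PGPASSWORD` environment variable or a 0600 `~/.pgpass` file rather than the connection URI. Separately, `if "true" == "${XrayFirstNode}"` runs the `true` builtin with two arguments and so always succeeds; `if [ "true" == "${XrayFirstNode}" ]` is presumably what was meant.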


@@ -10,6 +10,7 @@ This Ansible directory consists of the following directories that support the JF
## Tested Artifactory and Xray Versions ## Tested Artifactory and Xray Versions
The following versions of Artifactory and Xray have been validated with this collection. Other versions and combinations may also work. The following versions of Artifactory and Xray have been validated with this collection. Other versions and combinations may also work.
| collection_version | artifactory_version | xray_version | | collection_version | artifactory_version | xray_version |
|--------------------|---------------------|--------------| |--------------------|---------------------|--------------|
| 1.1.2 | 7.10.2 | 3.10.3 | | 1.1.2 | 7.10.2 | 3.10.3 |
@@ -117,3 +118,7 @@ The Artifactory and Xray roles support software updates. To use a role to perfor
``` ```
ansible-galaxy collection build ansible-galaxy collection build
``` ```
## OS support
* Current ansible collection only supports ubuntu and its flavours
* Centos/RHEL and SELinux support is coming soon, stay tuned :)


@@ -2,14 +2,14 @@
all: all:
vars: vars:
ansible_user: "ubuntu" ansible_user: "ubuntu"
ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" ansible_ssh_private_key_file: "{{ lookup('env', 'ansible_key') }}"
children: children:
database: database:
hosts: hosts:
#artifactory database #artifactory database
52.86.32.79: 52.86.32.79:
db_users: db_users:
- { db_user: "artifactory", db_password: "Art1fAct0ry" } - { db_user: "artifactory", db_password: "{{ lookup('env', 'artifactory_password') }}" }
dbs: dbs:
- { db_name: "artifactory", db_owner: "artifactory" } - { db_name: "artifactory", db_owner: "artifactory" }
artifactory: artifactory:
@@ -23,7 +23,7 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory"
db_user: "artifactory" db_user: "artifactory"
db_password: "Art1fAct0ry" db_password: "{{ lookup('env', 'artifactory_password') }}"
server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" server_name: "ec2-100-25-104-198.compute-1.amazonaws.com"
certificate: | certificate: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
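Review bot: `lookup('env', ...)` returns an empty string when the variable is not set, so a run without `ansible_key` or `artifactory_password` exported proceeds with an empty key path or an empty `db_password` instead of failing. I would add a comment near the top of the inventory (which starts above this hunk) naming the required variables, e.g. `# requires ansible_key and artifactory_password in the environment`, and fail early on an empty value, for instance with an `assert` pre-task on `db_password | length > 0`. The same applies to the inventory sections further down that switch to `lookup('env', ...)`, including the `xray_password` lookups. The literals being removed stay readable in the repository history, so any host that ever used them should be given new credentials.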


@@ -2,7 +2,7 @@
all: all:
vars: vars:
ansible_user: "ubuntu" ansible_user: "ubuntu"
ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" ansible_ssh_private_key_file: "{{ lookup('env', 'ansible_key') }}"
children: children:
database: database:
hosts: hosts:
@@ -11,13 +11,13 @@ all:
dbs: dbs:
- { db_name: "artifactory", db_owner: "artifactory" } - { db_name: "artifactory", db_owner: "artifactory" }
db_users: db_users:
- { db_user: "artifactory", db_password: "Art1fAct0ry" } - { db_user: "artifactory", db_password: "{{ lookup('env', 'artifactory_password') }}" }
#xray database #xray database
100.25.152.93: 100.25.152.93:
dbs: dbs:
- { db_name: "xraydb", db_owner: "xray" } - { db_name: "xraydb", db_owner: "xray" }
db_users: db_users:
- { db_user: "xray", db_password: "xray" } - { db_user: "xray", db_password: "{{ lookup('env', 'xray_password') }}" }
artifactory: artifactory:
vars: vars:
artifactory_version: 7.4.1 artifactory_version: 7.4.1
@@ -29,7 +29,7 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "jdbc:postgresql://10.0.0.51:5432/artifactory" db_url: "jdbc:postgresql://10.0.0.51:5432/artifactory"
db_user: "artifactory" db_user: "artifactory"
db_password: "Art1fAct0ry" db_password: "{{ lookup('env', 'artifactory_password') }}"
server_name: "ec2-18-210-33-94.compute-1.amazonaws.com" server_name: "ec2-18-210-33-94.compute-1.amazonaws.com"
children: children:
primary: primary:
@@ -51,7 +51,7 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "postgres://10.0.0.5:5432/xraydb?sslmode=disable" db_url: "postgres://10.0.0.5:5432/xraydb?sslmode=disable"
db_user: "xray" db_user: "xray"
db_password: "xray" db_password: "{{ lookup('env', 'xray_password') }}"
hosts: hosts:
# 34.229.56.166: # 34.229.56.166:
54.237.68.180 54.237.68.180


@@ -2,7 +2,7 @@
all: all:
vars: vars:
ansible_user: "ubuntu" ansible_user: "ubuntu"
ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" ansible_ssh_private_key_file: "{{ lookup('env', 'ansible_key') }}"
children: children:
database: database:
hosts: hosts:
@@ -11,8 +11,8 @@ all:
- { db_name: "artifactory", db_owner: "artifactory" } - { db_name: "artifactory", db_owner: "artifactory" }
- { db_name: "xraydb", db_owner: "xray" } - { db_name: "xraydb", db_owner: "xray" }
db_users: db_users:
- { db_user: "artifactory", db_password: "Art1fAct0ry" } - { db_user: "artifactory", db_password: "{{ lookup('env', 'artifactory_password') }}" }
- { db_user: "xray", db_password: "xray" } - { db_user: "xray", db_password: "{{ lookup('env', 'xray_password') }}" }
artifactory: artifactory:
hosts: hosts:
54.237.207.135: 54.237.207.135:
@@ -29,7 +29,7 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "jdbc:postgresql://10.0.0.59:5432/artifactory" db_url: "jdbc:postgresql://10.0.0.59:5432/artifactory"
db_user: "artifactory" db_user: "artifactory"
db_password: "Art1fAct0ry" db_password: "{{ lookup('env', 'artifactory_password') }}"
server_name: "ec2-54-237-207-135.compute-1.amazonaws.com" server_name: "ec2-54-237-207-135.compute-1.amazonaws.com"
xray: xray:
hosts: hosts:
@@ -42,4 +42,4 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "postgres://10.0.0.59:5432/xraydb?sslmode=disable" db_url: "postgres://10.0.0.59:5432/xraydb?sslmode=disable"
db_user: "xray" db_user: "xray"
db_password: "xray" db_password: "{{ lookup('env', 'xray_password') }}"


@@ -2,13 +2,13 @@
all: all:
vars: vars:
ansible_user: "ubuntu" ansible_user: "ubuntu"
ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" ansible_ssh_private_key_file: "{{ lookup('env', 'ansible_key') }}"
children: children:
database: database:
hosts: hosts:
52.86.32.79: 52.86.32.79:
db_users: db_users:
- { db_user: "artifactory", db_password: "Art1fAct0ry" } - { db_user: "artifactory", db_password: "{{ lookup('env', 'artifactory_password') }}" }
dbs: dbs:
- { db_name: "artifactory", db_owner: "artifactory" } - { db_name: "artifactory", db_owner: "artifactory" }
primary: primary:
@@ -28,7 +28,7 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory"
db_user: "artifactory" db_user: "artifactory"
db_password: "Art1fAct0ry" db_password: "{{ lookup('env', 'artifactory_password') }}"
server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" server_name: "ec2-100-25-104-198.compute-1.amazonaws.com"
certificate: | certificate: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----


@@ -13,6 +13,6 @@ all:
db_driver: "org.postgresql.Driver" db_driver: "org.postgresql.Driver"
db_url: "postgres://10.0.0.5:5432/xraydb?sslmode=disable" db_url: "postgres://10.0.0.5:5432/xraydb?sslmode=disable"
db_user: "xray" db_user: "xray"
db_password: "xray" db_password: "{{ lookup('env', 'xray_password') }}"
hosts: hosts:
3.17.132.222 3.17.132.222


@@ -132,7 +132,7 @@
"name": "artifactoryVersion", "name": "artifactoryVersion",
"type": "Microsoft.Common.DropDown", "type": "Microsoft.Common.DropDown",
"label": "Artifactory-vm image version to deploy.", "label": "Artifactory-vm image version to deploy.",
"defaultValue": "7.10.2", "defaultValue": "7.11.2",
"toolTip": "Version of Artifactory to deploy", "toolTip": "Version of Artifactory to deploy",
"constraints": { "constraints": {
"allowedValues": [ "allowedValues": [
@@ -170,8 +170,17 @@
}, },
{ {
"label": "7.10.2", "label": "7.10.2",
"value": "0.0.3" "value": "0.0.31"
} },
{
"label": "7.10.5",
"value": "0.0.4"
},
{
"label": "7.10.6",
"value": "0.0.52"
},
{ "label": "7.11.2", "value": "0.0.6" }
], ],
"required": true "required": true
}, },


@@ -79,7 +79,7 @@
}, },
"artifactoryVersion": { "artifactoryVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.3", "defaultValue": "0.0.6",
"allowedValues": [ "allowedValues": [
"6.6.0", "6.6.0",
"6.6.1", "6.6.1",
@@ -96,7 +96,10 @@
"7.4.30", "7.4.30",
"0.0.1", "0.0.1",
"0.0.2", "0.0.2",
"0.0.3" "0.0.31",
"0.0.4",
"0.0.52",
"0.0.6"
], ],
"metadata": { "metadata": {
"description": "Artifactory-vm image version to deploy." "description": "Artifactory-vm image version to deploy."
@@ -778,7 +781,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetPrimaryName')]", "name": "[variables('scaleSetPrimaryName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
@@ -876,7 +879,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetMemberName')]", "name": "[variables('scaleSetMemberName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",


@@ -25,9 +25,6 @@ export DEBIAN_FRONTEND=noninteractive
mkdir -p /etc/pki/tls/private/ /etc/pki/tls/certs/ mkdir -p /etc/pki/tls/private/ /etc/pki/tls/certs/
openssl req -nodes -x509 -newkey rsa:4096 -keyout /etc/pki/tls/private/example.key -out /etc/pki/tls/certs/example.pem -days 356 -subj "/C=US/ST=California/L=SantaClara/O=IT/CN=*.localhost" openssl req -nodes -x509 -newkey rsa:4096 -keyout /etc/pki/tls/private/example.key -out /etc/pki/tls/certs/example.pem -days 356 -subj "/C=US/ST=California/L=SantaClara/O=IT/CN=*.localhost"
# Install Postgresql driver
curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/postgresql-9.4.1212.jar https://jdbc.postgresql.org/download/postgresql-9.4.1212.jar >> /tmp/install-databse-driver.log 2>&1
CERTIFICATE_DOMAIN=$(cat /var/lib/cloud/instance/user-data.txt | grep "^CERTIFICATE_DOMAIN=" | sed "s/CERTIFICATE_DOMAIN=//") CERTIFICATE_DOMAIN=$(cat /var/lib/cloud/instance/user-data.txt | grep "^CERTIFICATE_DOMAIN=" | sed "s/CERTIFICATE_DOMAIN=//")
[ -z "$CERTIFICATE_DOMAIN" ] && CERTIFICATE_DOMAIN=artifactory [ -z "$CERTIFICATE_DOMAIN" ] && CERTIFICATE_DOMAIN=artifactory


@@ -79,7 +79,7 @@
}, },
"artifactoryVersion": { "artifactoryVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.3", "defaultValue": "0.0.7",
"allowedValues": [ "allowedValues": [
"6.11.3", "6.11.3",
"6.15.0", "6.15.0",
@@ -93,7 +93,11 @@
"7.5.7", "7.5.7",
"0.0.1", "0.0.1",
"0.0.2", "0.0.2",
"0.0.3" "0.0.31",
"0.0.4",
"0.0.52",
"0.0.6",
"0.0.7"
], ],
"metadata": { "metadata": {
"description": "Artifactory-vm image version to deploy." "description": "Artifactory-vm image version to deploy."
@@ -775,7 +779,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetPrimaryName')]", "name": "[variables('scaleSetPrimaryName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
@@ -873,7 +877,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetMemberName')]", "name": "[variables('scaleSetMemberName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",


@@ -9,7 +9,7 @@
"value": "vmuser" "value": "vmuser"
}, },
"adminPassword": { "adminPassword": {
"value": "password" "value": "OWERWRITE_THE_PASSWORD"
}, },
"db_type": { "db_type": {
"value": "Postgresql_deploy.json" "value": "Postgresql_deploy.json"
@@ -18,7 +18,7 @@
"value": "artifactory" "value": "artifactory"
}, },
"db_password": { "db_password": {
"value": "password" "value": "OWERWRITE_THE_PASSWORD"
}, },
"db_name": { "db_name": {
"value": "artdb" "value": "artdb"
@@ -50,19 +50,19 @@
"value": "GENERATE_JOIN_KEY" "value": "GENERATE_JOIN_KEY"
}, },
"certificate": { "certificate": {
"value": "-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----" "value": "-----BEGIN CERTIFICATE----- <YOUR CERTIFICATE HERE> -----END CERTIFICATE-----"
}, },
"certificateKey": { "certificateKey": {
"value": "-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----" "value": "-----BEGIN PRIVATE KEY----- <YOUR CERTIFICATE HERE> -----END PRIVATE KEY-----"
}, },
"artifactoryLicense1": { "artifactoryLicense1": {
"value": "" "value": "<ARTIFACTORY LICENCE FOR MASTER NODE>"
}, },
"artifactoryLicense2": { "artifactoryLicense2": {
"value": "" "value": "<ARTIFACTORY LICENCE FOR MEMBER0 NODE>"
}, },
"artifactoryLicense3": { "artifactoryLicense3": {
"value": "" "value": "<ARTIFACTORY LICENCE FOR MEMBER1 NODE>"
} }
} }
} }
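Review bot: The new `certificateKey` placeholder reads `<YOUR CERTIFICATE HERE>` between the PRIVATE KEY markers, which invites pasting the certificate into the key field; it should read `"value": "-----BEGIN PRIVATE KEY----- <YOUR PRIVATE KEY HERE> -----END PRIVATE KEY-----"`. The password placeholder is also misspelled (`OWERWRITE_THE_PASSWORD`) and is shared by `adminPassword` and `db_password`. If a deployment accepts it unchanged it becomes a publicly known credential, so an empty value or a Key Vault `reference` entry would be a safer default for this parameters file.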


@@ -25,9 +25,6 @@ export DEBIAN_FRONTEND=noninteractive
mkdir -p /etc/pki/tls/private/ /etc/pki/tls/certs/ mkdir -p /etc/pki/tls/private/ /etc/pki/tls/certs/
openssl req -nodes -x509 -newkey rsa:4096 -keyout /etc/pki/tls/private/example.key -out /etc/pki/tls/certs/example.pem -days 356 -subj "/C=US/ST=California/L=SantaClara/O=IT/CN=*.localhost" openssl req -nodes -x509 -newkey rsa:4096 -keyout /etc/pki/tls/private/example.key -out /etc/pki/tls/certs/example.pem -days 356 -subj "/C=US/ST=California/L=SantaClara/O=IT/CN=*.localhost"
# Install Postgresql driver
curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/postgresql-9.4.1212.jar https://jdbc.postgresql.org/download/postgresql-9.4.1212.jar >> /tmp/install-databse-driver.log 2>&1
CERTIFICATE_DOMAIN=$(cat /var/lib/cloud/instance/user-data.txt | grep "^CERTIFICATE_DOMAIN=" | sed "s/CERTIFICATE_DOMAIN=//") CERTIFICATE_DOMAIN=$(cat /var/lib/cloud/instance/user-data.txt | grep "^CERTIFICATE_DOMAIN=" | sed "s/CERTIFICATE_DOMAIN=//")
[ -z "$CERTIFICATE_DOMAIN" ] && CERTIFICATE_DOMAIN=artifactory [ -z "$CERTIFICATE_DOMAIN" ] && CERTIFICATE_DOMAIN=artifactory


@@ -37,7 +37,7 @@ EOF
#Install database drivers (for Java 11, path is different for RT6 and RT7) #Install database drivers (for Java 11, path is different for RT6 and RT7)
curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/mysql-connector-java-5.1.38.jar https://bintray.com/artifact/download/bintray/jcenter/mysql/mysql-connector-java/5.1.38/mysql-connector-java-5.1.38.jar >> /tmp/install-databse-driver.log 2>&1 curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/mysql-connector-java-5.1.38.jar https://bintray.com/artifact/download/bintray/jcenter/mysql/mysql-connector-java/5.1.38/mysql-connector-java-5.1.38.jar >> /tmp/install-databse-driver.log 2>&1
curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/mssql-jdbc-7.4.1.jre11.jar https://bintray.com/artifact/download/bintray/jcenter/com/microsoft/sqlserver/mssql-jdbc/7.4.1.jre11/mssql-jdbc-7.4.1.jre11.jar >> /tmp/install-databse-driver.log 2>&1 curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/mssql-jdbc-7.4.1.jre11.jar https://bintray.com/artifact/download/bintray/jcenter/com/microsoft/sqlserver/mssql-jdbc/7.4.1.jre11/mssql-jdbc-7.4.1.jre11.jar >> /tmp/install-databse-driver.log 2>&1
curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/postgresql-9.4.1212.jar https://jdbc.postgresql.org/download/postgresql-9.4.1212.jar >> /tmp/install-databse-driver.log 2>&1 curl --retry 5 -L -o /opt/jfrog/artifactory/app/artifactory/tomcat/lib/postgresql-42.2.18.jar https://jdbc.postgresql.org/download/postgresql-42.2.18.jar >> /tmp/install-databse-driver.log 2>&1
#Configuring nginx #Configuring nginx
rm /etc/nginx/sites-enabled/default rm /etc/nginx/sites-enabled/default
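Review bot: The bumped PostgreSQL driver is still fetched with `curl --retry 5 -L` and written straight into Tomcat's `lib` directory with no integrity check and without `--fail`, so an HTTP error page or an altered download would be saved under the jar's name and presumably loaded at startup. I would add `--fail` to the call and verify the file before use, e.g. `echo "<EXPECTED_SHA256>  /opt/jfrog/artifactory/app/artifactory/tomcat/lib/postgresql-42.2.18.jar" | sha256sum -c - || exit 1`, with the digest taken from the publisher. The two context lines above fetch the MySQL and MSSQL drivers the same way. The script starts and continues outside this hunk.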


@@ -70,7 +70,7 @@
"metadata": { "metadata": {
"description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated."
}, },
"defaultValue": "https://raw.githubusercontent.com/jfrog/JFrog-Cloud-Installers/vm-image-templates/AzureResourceManager/Artifactory/" "defaultValue": "https://raw.githubusercontent.com/jfrog/JFrog-Cloud-Installers/master/AzureResourceManager/Artifactory/"
}, },
"_artifactsLocationSasToken": { "_artifactsLocationSasToken": {
"type": "securestring", "type": "securestring",
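Review bot: The new `defaultValue` points at the `master` branch on raw.githubusercontent.com, a mutable ref, so the files a deployment pulls from this base URI can change after the template was reviewed or published. Pinning the default to a release tag or commit, e.g. `https://raw.githubusercontent.com/jfrog/JFrog-Cloud-Installers/<TAG_OR_COMMIT_SHA>/AzureResourceManager/Artifactory/`, keeps the template and the artifacts it fetches in step. The parameter this default belongs to is declared above the hunk, so its name is not visible here.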


@@ -90,7 +90,7 @@
"value": "OWERWRITE_THE_PASSWORD" "value": "OWERWRITE_THE_PASSWORD"
}, },
"artifactoryVersion": { "artifactoryVersion": {
"value": "7.10.2" "value": "7.11.5"
}, },
"scriptName": { "scriptName": {
"value": "install_pro7_to_vm.sh" "value": "install_pro7_to_vm.sh"


@@ -101,7 +101,7 @@
"name": "artifactoryVersion", "name": "artifactoryVersion",
"type": "Microsoft.Common.DropDown", "type": "Microsoft.Common.DropDown",
"label": "JFrog Container Registry-vm image version to deploy.", "label": "JFrog Container Registry-vm image version to deploy.",
"defaultValue": "7.10.2", "defaultValue": "7.11.2",
"toolTip": "Version of JFrog Container Registry to deploy", "toolTip": "Version of JFrog Container Registry to deploy",
"constraints": { "constraints": {
"allowedValues": [ "allowedValues": [
@@ -124,6 +124,18 @@
{ {
"label": "7.10.2", "label": "7.10.2",
"value": "0.0.3" "value": "0.0.3"
},
{
"label": "7.10.5",
"value": "0.0.4"
},
{
"label": "7.10.6",
"value": "0.0.5"
},
{
"label": "7.11.2",
"value": "0.0.61"
} }
], ],
"required": true "required": true
@@ -178,6 +190,7 @@
"validationMessage": "Provide SSL Certificate Key." "validationMessage": "Provide SSL Certificate Key."
}, },
"options": { "options": {
"hideConfirmation": true "hideConfirmation": true
} }
}, },


@@ -25,13 +25,16 @@
}, },
"artifactoryVersion": { "artifactoryVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.3", "defaultValue": "0.0.61",
"allowedValues": [ "allowedValues": [
"7.2.1", "7.2.1",
"7.3.2", "7.3.2",
"7.4.3", "7.4.3",
"0.0.2", "0.0.2",
"0.0.3" "0.0.3",
"0.0.4",
"0.0.5",
"0.0.61"
], ],
"metadata": { "metadata": {
"description": "JFrog Container Registry-vm image version to deploy." "description": "JFrog Container Registry-vm image version to deploy."
@@ -519,7 +522,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetPrimaryName')]", "name": "[variables('scaleSetPrimaryName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",


@@ -25,13 +25,17 @@
}, },
"artifactoryVersion": { "artifactoryVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.3", "defaultValue": "0.0.7",
"allowedValues": [ "allowedValues": [
"7.2.1", "7.2.1",
"7.3.2", "7.3.2",
"7.4.3", "7.4.3",
"0.0.2", "0.0.2",
"0.0.3" "0.0.3",
"0.0.4",
"0.0.5",
"0.0.61",
"0.0.7"
], ],
"metadata": { "metadata": {
"description": "JFrog Container Registry-vm image version to deploy." "description": "JFrog Container Registry-vm image version to deploy."
@@ -519,7 +523,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('scaleSetPrimaryName')]", "name": "[variables('scaleSetPrimaryName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]", "[resourceId('Microsoft.Network/loadBalancers/', variables('lbName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",


@@ -81,7 +81,7 @@
"value": "OWERWRITE_THE_PASSWORD" "value": "OWERWRITE_THE_PASSWORD"
}, },
"artifactoryVersion": { "artifactoryVersion": {
"value": "7.10.2" "value": "7.11.5"
}, },
"scriptName": { "scriptName": {
"value": "install_jcr7_to_vm.sh" "value": "install_jcr7_to_vm.sh"


@@ -123,7 +123,7 @@
"name": "xrayVersion", "name": "xrayVersion",
"type": "Microsoft.Common.DropDown", "type": "Microsoft.Common.DropDown",
"label": "Xray-vm image version to deploy.", "label": "Xray-vm image version to deploy.",
"defaultValue": "3.9.1", "defaultValue": "3.11.2",
"toolTip": "Version of Xray to deploy", "toolTip": "Version of Xray to deploy",
"constraints": { "constraints": {
"allowedValues": [ "allowedValues": [
@@ -142,6 +142,12 @@
{ {
"label": "3.9.1", "label": "3.9.1",
"value": "0.0.6" "value": "0.0.6"
},
{
"label": "3.10.3",
"value": "0.0.7"
},
{ "label": "3.11.2", "value": "0.0.8"
} }
], ],
"required": true "required": true


@@ -19,12 +19,14 @@
}, },
"xrayVersion": { "xrayVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.6", "defaultValue": "0.0.8",
"allowedValues": [ "allowedValues": [
"0.0.3", "0.0.3",
"0.0.4", "0.0.4",
"0.0.5", "0.0.5",
"0.0.6" "0.0.6",
"0.0.7",
"0.0.8"
], ],
"metadata": { "metadata": {
"description": "Xray-vm image version to deploy." "description": "Xray-vm image version to deploy."
@@ -275,7 +277,7 @@
}, },
{ {
"type": "Microsoft.Storage/storageAccounts", "type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2018-11-01", "apiVersion": "2019-06-01",
"name": "[variables('storageAccountName')]", "name": "[variables('storageAccountName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"sku": { "sku": {
@@ -320,7 +322,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[concat(variables('namingInfix'), 'xrayScaleset')]", "name": "[concat(variables('namingInfix'), 'xrayScaleset')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]", "[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]",
"[resourceId('Microsoft.Network/networkInterfaces/', variables('nicName'))]" "[resourceId('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
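Review bot: With the `Microsoft.Storage/storageAccounts` resource moved to `apiVersion` `2019-06-01`, the account can pin its transport and access settings in the template, and this hunk does not show it doing so. The account's `properties` object lies outside the hunk, so this needs checking there: if it does not already set them, add `"supportsHttpsTrafficOnly": true`, `"minimumTlsVersion": "TLS1_2"` and `"allowBlobPublicAccess": false`. The later Xray template section makes the identical `apiVersion` change to its storage account (the `@@ -275,7 +278,7 @@` hunk) and needs the same check.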


@@ -32,7 +32,7 @@
}, },
"skuSizeMB": { "skuSizeMB": {
"type": "int", "type": "int",
"defaultValue": 5120 "defaultValue": 204800
}, },
"skuTier": { "skuTier": {
"type": "string", "type": "string",
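Review bot: `skuSizeMB` now defaults to 204800 where it was 5120, and the parameter has neither a description nor bounds, so anyone accepting the defaults gets a forty times larger database disk with no hint of it in the template. Adding `"metadata": { "description": "Database storage size in MB." }` and a `"minValue"` would document the unit and the supported floor. If this template deploys Azure Database for PostgreSQL, which the hunk does not show, the description should also say whether the size can be reduced after deployment. The same `skuSizeMB` change is repeated in a later section of this commit (the second `@@ -32,7 +32,7 @@` hunk) and needs the same addition.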


@@ -3,19 +3,19 @@
"contentVersion": "1.0.0.0", "contentVersion": "1.0.0.0",
"parameters": { "parameters": {
"clusterName": { "clusterName": {
"value": "GEN-UNIQUE" "value": "GENERATE-CLUSTER-NAME"
}, },
"adminUsername": { "adminUsername": {
"value": "GEN-UNIQUE" "value": "ADMIN-USERNAME"
}, },
"adminPassword": { "adminPassword": {
"value": "GEN-UNIQUE" "value": "ADMIN-PASSWORD"
}, },
"virtualNetworkName": { "virtualNetworkName": {
"value": "existing-vm-network-name" "value": "EXISTING-VM-NETWORK-NAME"
}, },
"subnetName": { "subnetName": {
"value": "existing-subnet-name" "value": "EXISTING-SUBNET-NAME"
}, },
"virtualNetworkNewOrExisting": { "virtualNetworkNewOrExisting": {
"value": "existing" "value": "existing"
@@ -24,7 +24,7 @@
"value": "10.0.0.0/16" "value": "10.0.0.0/16"
}, },
"virtualNetworkResourceGroup": { "virtualNetworkResourceGroup": {
"value": "resource-group-name" "value": "RESOURCE-GROUP-NAME"
}, },
"virtualMachineSize": { "virtualMachineSize": {
"value": "Standard_D4s_v3" "value": "Standard_D4s_v3"
@@ -33,25 +33,25 @@
"value": "10.0.1.0/24" "value": "10.0.1.0/24"
}, },
"xrayVersion": { "xrayVersion": {
"value": "0.0.6" "value": "0.0.8"
}, },
"artifactoryURL": { "artifactoryURL": {
"value": "http://artifactory-url.cloudapp.azure.com" "value": "http://ARTIFACTORY-URL.cloudapp.azure.com"
}, },
"masterKey": { "masterKey": {
"value": "GEN-UNIQUE" "value": "GENERATE-MASTER-KEY"
}, },
"joinKey": { "joinKey": {
"value": "GEN-UNIQUE" "value": "GET-JOIN-KEY-IN-ARTIFACTORY-UI"
}, },
"db_type": { "db_type": {
"value": "Postgresql_existing.json" "value": "Postgresql_deploy.json"
}, },
"db_user": { "db_user": {
"value": "GEN-UNIQUE" "value": "DB-USERNAME"
}, },
"db_password": { "db_password": {
"value": "GEN-UNIQUE" "value": "DB-PASSWORD"
}, },
"manual_db_url": { "manual_db_url": {
"value": "jdbc:postgresql://postgressrvr.postgres.database.azure.com:5432" "value": "jdbc:postgresql://postgressrvr.postgres.database.azure.com:5432"
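Review bot: The renamed placeholders for `adminPassword`, `masterKey`, `joinKey` and `db_password` ask the user to type real secrets into this parameters file, which then tends to end up in source control or a shared folder. ARM parameter files can take such values from Key Vault with a `reference` entry instead of a literal `value`, provided the template declares the parameters as `securestring`, which this hunk does not show. The sample `artifactoryURL` also keeps the `http://` scheme; an `https://` example is the safer one to copy, since the join key is presumably used against that endpoint. The parameters object starts and ends outside the hunk.

```json
"adminPassword": {
  "reference": {
    "keyVault": {
      "id": "<key-vault-resource-id>"
    },
    "secretName": "<secret-name>"
  }
},
```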


@@ -19,12 +19,15 @@
}, },
"xrayVersion": { "xrayVersion": {
"type": "string", "type": "string",
"defaultValue": "0.0.6", "defaultValue": "0.0.9",
"allowedValues": [ "allowedValues": [
"0.0.3", "0.0.3",
"0.0.4", "0.0.4",
"0.0.5", "0.0.5",
"0.0.6" "0.0.6",
"0.0.7",
"0.0.8",
"0.0.9"
], ],
"metadata": { "metadata": {
"description": "Xray-vm image version to deploy." "description": "Xray-vm image version to deploy."
@@ -275,7 +278,7 @@
}, },
{ {
"type": "Microsoft.Storage/storageAccounts", "type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2018-11-01", "apiVersion": "2019-06-01",
"name": "[variables('storageAccountName')]", "name": "[variables('storageAccountName')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"sku": { "sku": {
@@ -320,7 +323,7 @@
"type": "Microsoft.Compute/virtualMachineScaleSets", "type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[concat(variables('namingInfix'), 'xrayScaleset')]", "name": "[concat(variables('namingInfix'), 'xrayScaleset')]",
"location": "[parameters('location')]", "location": "[parameters('location')]",
"apiVersion": "2018-10-01", "apiVersion": "2020-06-01",
"dependsOn": [ "dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]", "[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]",
"[resourceId('Microsoft.Network/networkInterfaces/', variables('nicName'))]" "[resourceId('Microsoft.Network/networkInterfaces/', variables('nicName'))]"


@@ -32,7 +32,7 @@
}, },
"skuSizeMB": { "skuSizeMB": {
"type": "int", "type": "int",
"defaultValue": 5120 "defaultValue": 204800
}, },
"skuTier": { "skuTier": {
"type": "string", "type": "string",


@@ -90,7 +90,7 @@
"value": "OWERWRITE_THE_PASSWORD" "value": "OWERWRITE_THE_PASSWORD"
}, },
"xrayVersion": { "xrayVersion": {
"value": "3.9.1" "value": "3.12.0"
}, },
"scriptName": { "scriptName": {
"value": "install_xray_to_vm.sh" "value": "install_xray_to_vm.sh"