zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 05:06:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Updates to openshift for new marketplace submission

Browse Source
This commit is contained in:
John Peterson
2020-04-13 13:35:14 -07:00
parent 5234afa864
commit dffdb33ae1
9 changed files with 165 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
Openshift4/artifactory-ha-operator/bundle/artifactory-ha-operator.v1.0.0.clusterserviceversion.yaml
View File

@@ -8,17 +8,19 @@ metadata:
"apiVersion": "charts.helm.k8s.io/v1alpha1",
"kind": "OpenshiftArtifactoryHa",
"metadata": {
"name": "osartifactoryha"
"name": "openshiftartifactoryha"
},
"spec": {
"artifactory-ha": {
"artifactory": {
"customInitContainersBegin": "- name: \"redhat-custom-setup\"\n #image: \"{{ .Values.initContainerImage }}\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n",
"customInitContainersBegin": "- name: \"redhat-custom-setup\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n",
"image": {
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2"
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro",
"version": "7.3.2"
},
"masterKey": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"node": {
"replicaCount": 2,
"waitForPrimaryStartup": {
"enabled": false
}
@@ -43,9 +45,11 @@ metadata:
"internalPort": 8443
},
"image": {
"repository": "registry.redhat.io/rhel8/nginx-116:latest"
"repository": "registry.redhat.io/rhel8/nginx-116",
"version": "latest"
},
"mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n"
"tlsSecretName": "OVERRIDE"
},
"postgresql": {
"enabled": false
@@ -134,21 +138,11 @@ spec:
- name: OPERATOR_NAME
value: artifactory-ha-operator
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2
value: registry.connect.redhat.com/jfrog/artifactory-pro
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: registry.redhat.io/rhel8/nginx-116:latest
- name: DATABASE_TYPE
value: OVERRIDE
- name: DATABASE_DRIVER
value: OVERRIDE
- name: DATABASE_URL
value: OVERRIDE
- name: DATABASE_USER
value: OVERRIDE
- name: DATABASE_PASSWORD
value: OVERRIDE
image: registry.connect.redhat.com/jfrog/artifactory-operator:7.3.2
imagePullPolicy: IfNotPresent
value: registry.redhat.io/rhel8/nginx-116
image: registry.connect.redhat.com/jfrog/artifactory-operator
imagePullPolicy: Always
name: artifactory-ha-operator
resources: {}
serviceAccountName: artifactory-ha-operator

23
Openshift4/artifactory-ha-operator/deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml
View File

@@ -4,16 +4,9 @@ metadata:
name: openshiftartifactoryha
spec:
artifactory-ha:
database:
driver: OVERRIDE
password: OVERRIDE
type: OVERRIDE
url: OVERRIDE
user: OVERRIDE
artifactory:
customInitContainersBegin: |
- name: "redhat-custom-setup"
#image: "{{ .Values.initContainerImage }}"
image: {{ index .Values "initContainerImage" }}
imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
command:
@@ -26,12 +19,20 @@ spec:
- mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
name: volume
image:
repository: quay.io/jfrog/artifactory-rh-pro
repository: registry.connect.redhat.com/jfrog/artifactory-pro
version: 7.3.2
masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
node:
waitForPrimaryStartup:
enabled: false
database:
driver: OVERRIDE
password: OVERRIDE
type: OVERRIDE
url: OVERRIDE
user: OVERRIDE
initContainerImage: registry.redhat.io/ubi8-minimal
installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ default \"derby\" .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/{{ default \"openshift\" .Values.installer.platform }}" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
nginx:
http:
externalPort: 80
@@ -40,7 +41,8 @@ spec:
externalPort: 443
internalPort: 8443
image:
repository: quay.io/jfrog/nginx-artifactory-rh-pro
repository: registry.redhat.io/rhel8/nginx-116
version: latest
mainConf: |
# Main Nginx configuration file
worker_processes 4;
@@ -91,6 +93,7 @@ spec:
#gzip on;
include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;
}
tlsSecretName: OVERRIDE
postgresql:
enabled: false
waitForDatabase: false

35
Openshift4/artifactory-ha-operator/deploy/olm-catalog/artifactory-ha-operator/1.0.0/artifactory-ha-operator.v1.0.0.clusterserviceversion.yaml
View File

@@ -8,16 +8,19 @@ metadata:
"apiVersion": "charts.helm.k8s.io/v1alpha1",
"kind": "OpenshiftArtifactoryHa",
"metadata": {
"name": "osartifactoryha"
"name": "openshiftartifactoryha"
},
"spec": {
"artifactory-ha": {
"artifactory": {
"customInitContainersBegin": "- name: \"redhat-custom-setup\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n",
"image": {
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2"
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro",
"version": "7.3.2"
},
"masterKey": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"node": {
"replicaCount": 2,
"waitForPrimaryStartup": {
"enabled": false
}
@@ -31,7 +34,7 @@ metadata:
"user": "OVERRIDE"
},
"initContainerImage": "registry.redhat.io/ubi8-minimal",
"installerInfo": "{ \"productId\": \"Openshift_artifactory-ha/{{ .Chart.Version }}\", \"features\": [ { \"featureId\": \"ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}\" }, { \"featureId\": \"{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0\" }, { \"featureId\": \"Platform/openshift\" }, { \"featureId\": \"Partner/ACC-006983\" }, { \"featureId\": \"Channel/Openshift\" } ] }",
"installerInfo": "{ \"productId\": \"Openshift_artifactory-ha/{{ .Chart.Version }}\", \"features\": [ { \"featureId\": \"ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}\" }, { \"featureId\": \"{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0\" }, { \"featureId\": \"Platform/Openshift\" }, { \"featureId\": \"Partner/ACC-006983\" }, { \"featureId\": \"Channel/Openshift\" } ] }",
"nginx": {
"http": {
"externalPort": 80,
@@ -42,9 +45,11 @@ metadata:
"internalPort": 8443
},
"image": {
"repository": "registry.redhat.io/rhel8/nginx-116:latest"
"repository": "registry.redhat.io/rhel8/nginx-116",
"version": "latest"
},
"mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n"
"tlsSecretName": "OVERRIDE"
},
"postgresql": {
"enabled": false
@@ -56,8 +61,8 @@ metadata:
]
capabilities: Basic Install
categories: "Developer Tools,Integration & Delivery"
description: "Artifactory HA deploys Artifactory in a high availability environment across multiple pods"
containerImage: quay.io/jfrog/artifactory-ha-operator
description: "JFrog Artifactory Enterprise deploys Artifactory in a high availability environment across multiple pods"
containerImage: registry.connect.redhat.com/jfrog/artifactory-operator
createdAt: 2020-03-25T00:00:00Z
support: JFrog
certified: "true"
@@ -133,21 +138,11 @@ spec:
- name: OPERATOR_NAME
value: artifactory-ha-operator
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2
value: registry.connect.redhat.com/jfrog/artifactory-pro
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: registry.redhat.io/rhel8/nginx-116:latest
- name: DATABASE_TYPE
value: OVERRIDE
- name: DATABASE_DRIVER
value: OVERRIDE
- name: DATABASE_URL
value: OVERRIDE
- name: DATABASE_USER
value: OVERRIDE
- name: DATABASE_PASSWORD
value: OVERRIDE
image: registry.connect.redhat.com/jfrog/artifactory-operator:7.3.2
imagePullPolicy: IfNotPresent
value: registry.redhat.io/rhel8/nginx-116
image: registry.connect.redhat.com/jfrog/artifactory-operator
imagePullPolicy: Always
name: artifactory-ha-operator
resources: {}
serviceAccountName: artifactory-ha-operator

16
Openshift4/artifactory-ha-operator/deploy/operator.yaml
View File

@@ -15,8 +15,8 @@ spec:
serviceAccountName: artifactory-ha-operator
containers:
- name: artifactory-ha-operator
image: quay.io/jfrog/artifactory-ha-operator
imagePullPolicy: IfNotPresent
image: registry.connect.redhat.com/jfrog/artifactory-operator
imagePullPolicy: Always
env:
- name: WATCH_NAMESPACE
valueFrom:
@@ -31,14 +31,4 @@ spec:
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: "registry.connect.redhat.com/jfrog/artifactory-pro"
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: "quay.io/jfrog/nginx-artifactory-rh-pro"
- name: DATABASE_TYPE
value: "OVERRIDE"
- name: DATABASE_DRIVER
value: "OVERRIDE"
- name: DATABASE_URL
value: "OVERRIDE"
- name: DATABASE_USER
value: "OVERRIDE"
- name: DATABASE_PASSWORD
value: "OVERRIDE"
value: "registry.redhat.io/rhel8/nginx-116"

162
Openshift4/artifactory-ha-operator/deploy/role.yaml
View File

@@ -5,95 +5,115 @@ metadata:
name: artifactory-ha-operator
rules:
- apiGroups:
- ""
- ""
resources:
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- serviceaccounts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
- ""
resources:
- namespaces
- namespaces
verbs:
- get
- get
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- '*'
- apiGroups:
- ""
resources:
- events
verbs:
- create
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
- ""
resourceNames:
- artifactory-ha-operator
- artifactory-ha-operator
resources:
- deployments/finalizers
- '*'
verbs:
- update
- '*'
- apiGroups:
- ""
- ""
resources:
- pods
- events
verbs:
- get
- create
- apiGroups:
- apps
- monitoring.coreos.com
resources:
- replicasets
- deployments
- servicemonitors
verbs:
- get
- get
- create
- apiGroups:
- charts.helm.k8s.io
- apps
resourceNames:
- artifactory-ha-operator
resources:
- '*'
- deployments/finalizers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- apiGroups:
- charts.helm.k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- policy
resources:
- '*'
verbs:
- '*'
- apiGroups:
- 'rbac.authorization.k8s.io'
resources:
- '*'
verbs:
- '*'

7
Openshift4/artifactory-ha-operator/watches.yaml
View File

@@ -5,9 +5,4 @@
chart: helm-charts/openshift-artifactory-ha
overrideValues:
artifactory-ha.artifactory.image.repository: $RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
artifactory-ha.nginx.image.repository: $RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
artifactory-ha.database.type: $DATABASE_TYPE
artifactory-ha.database.driver: $DATABASE_DRIVER
artifactory-ha.database.url: $DATABASE_URL
artifactory-ha.database.user: $DATABASE_USER
artifactory-ha.database.password: $DATABASE_PASSWORD
artifactory-ha.nginx.image.repository: $RELATED_IMAGE_NGINX_IMAGE_REPOSITORY

31
Openshift4/openshift-artifactory-ha/helminstall.sh
View File

@@ -1,8 +1,22 @@
#!/usr/bin/env bash
if [[ -z "$1" ]]
then
echo "Skipping creation of persistent volume examples. Ensure there is available PVs 200Gi per node for HA."
# PreReq'd:
# helm install postgres bitnami/postgresql
# follow artifactory postgresql db setup:
# https://www.jfrog.com/confluence/display/JFROG/PostgreSQL
POSTGRES=$(helm ls | grep postgres | wc -l)
if [[ "$POSTGRES" =~ (0) ]]
then
echo "External DB is required to run Jfrog Openshift Artifactory Helm chart"
echo ""
echo "Postgresql helm chart must be installed prior to installing this helm installer script."
echo ""
echo "helm install postgres bitnami/postgresql"
echo ""
echo "follow artifactory postgresql db setup:"
echo "https://www.jfrog.com/confluence/display/JFROG/PostgreSQL"
exit 1
else
# patch the restricted scc to allow the pods to run as anyuid
oc patch scc restricted --patch '{"fsGroup":{"type":"RunAsAny"},"runAsUser":{"type":"RunAsAny"},"seLinuxContext":{"type":"RunAsAny"}}' --type=merge
@@ -12,9 +26,14 @@ else
# create the tls secret
oc create secret tls tls-ingress --cert=tls.crt --key=tls.key
fi
fi
# install via helm
# install via helm with default postgresql configuration
helm install artifactory-ha . \
--set artifactory-ha.nginx.tlsSecretName=tls-ingress \
--set artifactory-ha.artifactory.license.secret=artifactory-license,artifactory-ha.artifactory.license.dataKey=artifactory.cluster.license
--set artifactory-ha.artifactory.license.secret=artifactory-license,artifactory-ha.artifactory.license.dataKey=artifactory.cluster.license \
--set artifactory-ha.database.type=postgresql \
--set artifactory-ha.database.driver=org.postgresql.Driver \
--set artifactory-ha.database.url=jdbc:postgresql://postgres-postgresql:5432/artifactory \
--set artifactory-ha.database.user=artifactory \
--set artifactory-ha.database.password=password

6
Openshift4/openshift-artifactory-ha/requirements.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: artifactory-ha
repository: https://charts.jfrog.io/
version: 2.2.9
digest: sha256:65c1deae2ede50a40b62012243657a2ebfcc05bbd5b7f95bd8786bbb9425f13b
generated: "2020-04-10T10:49:58.221628-07:00"
version: 2.3.0
digest: sha256:1a0b97f17a29da8dfe7f7dfbf5860258f216d1d82b06ffb55733b85f09e7cbaf
generated: "2020-04-13T11:22:22.813393-07:00"

6
Openshift4/openshift-artifactory-ha/values.yaml
View File

@@ -12,10 +12,6 @@ artifactory-ha:
url: "OVERRIDE"
user: "OVERRIDE"
password: "OVERRIDE"
###################################
# DO NOT EDIT FURTHER
###################################
initContainerImage: registry.redhat.io/ubi8-minimal
waitForDatabase: false
installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
@@ -40,6 +36,7 @@ artifactory-ha:
repository: registry.connect.redhat.com/jfrog/artifactory-pro
version: 7.3.2
node:
replicaCount: 2
waitForPrimaryStartup:
enabled: false
masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
@@ -49,6 +46,7 @@ artifactory-ha:
image:
repository: registry.redhat.io/rhel8/nginx-116
version: latest
## K8S secret name for the TLS secret to be used for SSL
tlsSecretName: "OVERRIDE"
http:
externalPort: 80