zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 01:06:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

Updates to openshift for new marketplace submission

Browse Source
This commit is contained in:
John Peterson
2020-04-13 13:35:14 -07:00
parent 5234afa864
commit dffdb33ae1
9 changed files with 165 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
Openshift4/artifactory-ha-operator/bundle/artifactory-ha-operator.v1.0.0.clusterserviceversion.yaml
View File

@@ -8,17 +8,19 @@ metadata:
"apiVersion": "charts.helm.k8s.io/v1alpha1", "apiVersion": "charts.helm.k8s.io/v1alpha1",
"kind": "OpenshiftArtifactoryHa", "kind": "OpenshiftArtifactoryHa",
"metadata": { "metadata": {
"name": "osartifactoryha" "name": "openshiftartifactoryha"
}, },
"spec": { "spec": {
"artifactory-ha": { "artifactory-ha": {
"artifactory": { "artifactory": {
"customInitContainersBegin": "- name: \"redhat-custom-setup\"\n #image: \"{{ .Values.initContainerImage }}\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n", "customInitContainersBegin": "- name: \"redhat-custom-setup\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n",
"image": { "image": {
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2" "repository": "registry.connect.redhat.com/jfrog/artifactory-pro",
"version": "7.3.2"
}, },
"masterKey": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", "masterKey": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"node": { "node": {
"replicaCount": 2,
"waitForPrimaryStartup": { "waitForPrimaryStartup": {
"enabled": false "enabled": false
} }
@@ -43,9 +45,11 @@ metadata:
"internalPort": 8443 "internalPort": 8443
}, },
"image": { "image": {
"repository": "registry.redhat.io/rhel8/nginx-116:latest" "repository": "registry.redhat.io/rhel8/nginx-116",
"version": "latest"
}, },
"mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n" "mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n"
"tlsSecretName": "OVERRIDE"
}, },
"postgresql": { "postgresql": {
"enabled": false "enabled": false
@@ -134,21 +138,11 @@ spec:
- name: OPERATOR_NAME - name: OPERATOR_NAME
value: artifactory-ha-operator value: artifactory-ha-operator
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY - name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2 value: registry.connect.redhat.com/jfrog/artifactory-pro
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY - name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: registry.redhat.io/rhel8/nginx-116:latest value: registry.redhat.io/rhel8/nginx-116
- name: DATABASE_TYPE image: registry.connect.redhat.com/jfrog/artifactory-operator
value: OVERRIDE imagePullPolicy: Always
- name: DATABASE_DRIVER
value: OVERRIDE
- name: DATABASE_URL
value: OVERRIDE
- name: DATABASE_USER
value: OVERRIDE
- name: DATABASE_PASSWORD
value: OVERRIDE
image: registry.connect.redhat.com/jfrog/artifactory-operator:7.3.2
imagePullPolicy: IfNotPresent
name: artifactory-ha-operator name: artifactory-ha-operator
resources: {} resources: {}
serviceAccountName: artifactory-ha-operator serviceAccountName: artifactory-ha-operator

23
Openshift4/artifactory-ha-operator/deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml
View File

@@ -4,16 +4,9 @@ metadata:
name: openshiftartifactoryha name: openshiftartifactoryha
spec: spec:
artifactory-ha: artifactory-ha:
database:
driver: OVERRIDE
password: OVERRIDE
type: OVERRIDE
url: OVERRIDE
user: OVERRIDE
artifactory: artifactory:
customInitContainersBegin: | customInitContainersBegin: |
- name: "redhat-custom-setup" - name: "redhat-custom-setup"
#image: "{{ .Values.initContainerImage }}"
image: {{ index .Values "initContainerImage" }} image: {{ index .Values "initContainerImage" }}
imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}" imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
command: command:
@@ -26,12 +19,20 @@ spec:
- mountPath: "{{ .Values.artifactory.persistence.mountPath }}" - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
name: volume name: volume
image: image:
repository: quay.io/jfrog/artifactory-rh-pro repository: registry.connect.redhat.com/jfrog/artifactory-pro
version: 7.3.2
masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
node: node:
waitForPrimaryStartup: waitForPrimaryStartup:
enabled: false enabled: false
database:
driver: OVERRIDE
password: OVERRIDE
type: OVERRIDE
url: OVERRIDE
user: OVERRIDE
initContainerImage: registry.redhat.io/ubi8-minimal initContainerImage: registry.redhat.io/ubi8-minimal
installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ default \"derby\" .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/{{ default \"openshift\" .Values.installer.platform }}" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }' installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
nginx: nginx:
http: http:
externalPort: 80 externalPort: 80
@@ -40,7 +41,8 @@ spec:
externalPort: 443 externalPort: 443
internalPort: 8443 internalPort: 8443
image: image:
repository: quay.io/jfrog/nginx-artifactory-rh-pro repository: registry.redhat.io/rhel8/nginx-116
version: latest
mainConf: | mainConf: |
# Main Nginx configuration file # Main Nginx configuration file
worker_processes 4; worker_processes 4;
@@ -91,6 +93,7 @@ spec:
#gzip on; #gzip on;
include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf; include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;
} }
tlsSecretName: OVERRIDE
postgresql: postgresql:
enabled: false enabled: false
waitForDatabase: false waitForDatabase: false

35
Openshift4/artifactory-ha-operator/deploy/olm-catalog/artifactory-ha-operator/1.0.0/artifactory-ha-operator.v1.0.0.clusterserviceversion.yaml
View File

@@ -8,16 +8,19 @@ metadata:
"apiVersion": "charts.helm.k8s.io/v1alpha1", "apiVersion": "charts.helm.k8s.io/v1alpha1",
"kind": "OpenshiftArtifactoryHa", "kind": "OpenshiftArtifactoryHa",
"metadata": { "metadata": {
"name": "osartifactoryha" "name": "openshiftartifactoryha"
}, },
"spec": { "spec": {
"artifactory-ha": { "artifactory-ha": {
"artifactory": { "artifactory": {
"customInitContainersBegin": "- name: \"redhat-custom-setup\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n", "customInitContainersBegin": "- name: \"redhat-custom-setup\"\n image: {{ index .Values \"initContainerImage\" }}\n imagePullPolicy: \"{{ .Values.artifactory.image.pullPolicy }}\"\n command:\n - 'sh'\n - '-c'\n - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'\n securityContext:\n runAsUser: 0\n volumeMounts:\n - mountPath: \"{{ .Values.artifactory.persistence.mountPath }}\"\n name: volume\n",
"image": { "image": {
"repository": "registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2" "repository": "registry.connect.redhat.com/jfrog/artifactory-pro",
"version": "7.3.2"
}, },
"masterKey": "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"node": { "node": {
"replicaCount": 2,
"waitForPrimaryStartup": { "waitForPrimaryStartup": {
"enabled": false "enabled": false
} }
@@ -31,7 +34,7 @@ metadata:
"user": "OVERRIDE" "user": "OVERRIDE"
}, },
"initContainerImage": "registry.redhat.io/ubi8-minimal", "initContainerImage": "registry.redhat.io/ubi8-minimal",
"installerInfo": "{ \"productId\": \"Openshift_artifactory-ha/{{ .Chart.Version }}\", \"features\": [ { \"featureId\": \"ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}\" }, { \"featureId\": \"{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0\" }, { \"featureId\": \"Platform/openshift\" }, { \"featureId\": \"Partner/ACC-006983\" }, { \"featureId\": \"Channel/Openshift\" } ] }", "installerInfo": "{ \"productId\": \"Openshift_artifactory-ha/{{ .Chart.Version }}\", \"features\": [ { \"featureId\": \"ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}\" }, { \"featureId\": \"{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0\" }, { \"featureId\": \"Platform/Openshift\" }, { \"featureId\": \"Partner/ACC-006983\" }, { \"featureId\": \"Channel/Openshift\" } ] }",
"nginx": { "nginx": {
"http": { "http": {
"externalPort": 80, "externalPort": 80,
@@ -42,9 +45,11 @@ metadata:
"internalPort": 8443 "internalPort": 8443
}, },
"image": { "image": {
"repository": "registry.redhat.io/rhel8/nginx-116:latest" "repository": "registry.redhat.io/rhel8/nginx-116",
"version": "latest"
}, },
"mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n" "mainConf": "# Main Nginx configuration file\nworker_processes 4;\nerror_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;\npid /tmp/nginx.pid;\nevents {\n worker_connections 1024;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n variables_hash_max_size 1024;\n variables_hash_bucket_size 64;\n server_names_hash_max_size 4096;\n server_names_hash_bucket_size 128;\n types_hash_max_size 2048;\n types_hash_bucket_size 64;\n proxy_read_timeout 2400s;\n client_header_timeout 2400s;\n client_body_timeout 2400s;\n proxy_connect_timeout 75s;\n proxy_send_timeout 2400s;\n proxy_buffer_size 32k;\n proxy_buffers 40 32k;\n proxy_busy_buffers_size 64k;\n proxy_temp_file_write_size 250m;\n proxy_http_version 1.1;\n client_body_buffer_size 128k;\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n log_format timing 'ip = $remote_addr '\n 'user = \"$remote_user\" '\n 'local_time = \"$time_local\" '\n 'host = $host '\n 'request = \"$request\" '\n 'status = $status '\n 'bytes = $body_bytes_sent '\n 'upstream = \"$upstream_addr\" '\n 'upstream_time = $upstream_response_time '\n 'request_time = $request_time '\n 'referer = \"$http_referer\" '\n 'UA = \"$http_user_agent\"';\n access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing;\n sendfile on;\n #tcp_nopush on;\n keepalive_timeout 65;\n #gzip on;\n include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;\n}\n"
"tlsSecretName": "OVERRIDE"
}, },
"postgresql": { "postgresql": {
"enabled": false "enabled": false
@@ -56,8 +61,8 @@ metadata:
] ]
capabilities: Basic Install capabilities: Basic Install
categories: "Developer Tools,Integration & Delivery" categories: "Developer Tools,Integration & Delivery"
description: "Artifactory HA deploys Artifactory in a high availability environment across multiple pods" description: "JFrog Artifactory Enterprise deploys Artifactory in a high availability environment across multiple pods"
containerImage: quay.io/jfrog/artifactory-ha-operator containerImage: registry.connect.redhat.com/jfrog/artifactory-operator
createdAt: 2020-03-25T00:00:00Z createdAt: 2020-03-25T00:00:00Z
support: JFrog support: JFrog
certified: "true" certified: "true"
@@ -133,21 +138,11 @@ spec:
- name: OPERATOR_NAME - name: OPERATOR_NAME
value: artifactory-ha-operator value: artifactory-ha-operator
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY - name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: registry.connect.redhat.com/jfrog/artifactory-pro:7.3.2 value: registry.connect.redhat.com/jfrog/artifactory-pro
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY - name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: registry.redhat.io/rhel8/nginx-116:latest value: registry.redhat.io/rhel8/nginx-116
- name: DATABASE_TYPE image: registry.connect.redhat.com/jfrog/artifactory-operator
value: OVERRIDE imagePullPolicy: Always
- name: DATABASE_DRIVER
value: OVERRIDE
- name: DATABASE_URL
value: OVERRIDE
- name: DATABASE_USER
value: OVERRIDE
- name: DATABASE_PASSWORD
value: OVERRIDE
image: registry.connect.redhat.com/jfrog/artifactory-operator:7.3.2
imagePullPolicy: IfNotPresent
name: artifactory-ha-operator name: artifactory-ha-operator
resources: {} resources: {}
serviceAccountName: artifactory-ha-operator serviceAccountName: artifactory-ha-operator

16
Openshift4/artifactory-ha-operator/deploy/operator.yaml
View File

@@ -15,8 +15,8 @@ spec:
serviceAccountName: artifactory-ha-operator serviceAccountName: artifactory-ha-operator
containers: containers:
- name: artifactory-ha-operator - name: artifactory-ha-operator
image: quay.io/jfrog/artifactory-ha-operator image: registry.connect.redhat.com/jfrog/artifactory-operator
imagePullPolicy: IfNotPresent imagePullPolicy: Always
env: env:
- name: WATCH_NAMESPACE - name: WATCH_NAMESPACE
valueFrom: valueFrom:
@@ -31,14 +31,4 @@ spec:
- name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY - name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
value: "registry.connect.redhat.com/jfrog/artifactory-pro" value: "registry.connect.redhat.com/jfrog/artifactory-pro"
- name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY - name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
value: "quay.io/jfrog/nginx-artifactory-rh-pro" value: "registry.redhat.io/rhel8/nginx-116"
- name: DATABASE_TYPE
value: "OVERRIDE"
- name: DATABASE_DRIVER
value: "OVERRIDE"
- name: DATABASE_URL
value: "OVERRIDE"
- name: DATABASE_USER
value: "OVERRIDE"
- name: DATABASE_PASSWORD
value: "OVERRIDE"

162
Openshift4/artifactory-ha-operator/deploy/role.yaml
View File

@@ -5,95 +5,115 @@ metadata:
name: artifactory-ha-operator name: artifactory-ha-operator
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- services - services
- services/finalizers - services/finalizers
- endpoints - endpoints
- persistentvolumeclaims - persistentvolumeclaims
- events - events
- configmaps - configmaps
- secrets - secrets
- serviceaccounts
verbs: verbs:
- create - create
- delete - delete
- get - get
- list - list
- patch - patch
- update - update
- watch - watch
- apiGroups: - apiGroups:
- apps - apps
resources: resources:
- deployments - deployments
- daemonsets - daemonsets
- replicasets - replicasets
- statefulsets - statefulsets
verbs: verbs:
- create - create
- delete - delete
- get - get
- list - list
- patch - patch
- update - update
- watch - watch
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- namespaces - namespaces
verbs: verbs:
- get - get
- apiGroups: - apiGroups:
- "" - ""
resources:
- configmaps
- secrets
verbs:
- '*'
- apiGroups:
- ""
resources:
- events
verbs:
- create
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames: resourceNames:
- artifactory-ha-operator - artifactory-ha-operator
resources: resources:
- deployments/finalizers - '*'
verbs: verbs:
- update - '*'
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - events
verbs: verbs:
- get - create
- apiGroups: - apiGroups:
- apps - monitoring.coreos.com
resources: resources:
- replicasets - servicemonitors
- deployments
verbs: verbs:
- get - get
- create
- apiGroups: - apiGroups:
- charts.helm.k8s.io - apps
resourceNames:
- artifactory-ha-operator
resources: resources:
- '*' - deployments/finalizers
verbs: verbs:
- create - update
- delete - apiGroups:
- get - ""
- list resources:
- patch - pods
- update verbs:
- watch - get
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- apiGroups:
- charts.helm.k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- policy
resources:
- '*'
verbs:
- '*'
- apiGroups:
- 'rbac.authorization.k8s.io'
resources:
- '*'
verbs:
- '*'

7
Openshift4/artifactory-ha-operator/watches.yaml
View File

@@ -5,9 +5,4 @@
chart: helm-charts/openshift-artifactory-ha chart: helm-charts/openshift-artifactory-ha
overrideValues: overrideValues:
artifactory-ha.artifactory.image.repository: $RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY artifactory-ha.artifactory.image.repository: $RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
artifactory-ha.nginx.image.repository: $RELATED_IMAGE_NGINX_IMAGE_REPOSITORY artifactory-ha.nginx.image.repository: $RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
artifactory-ha.database.type: $DATABASE_TYPE
artifactory-ha.database.driver: $DATABASE_DRIVER
artifactory-ha.database.url: $DATABASE_URL
artifactory-ha.database.user: $DATABASE_USER
artifactory-ha.database.password: $DATABASE_PASSWORD

31
Openshift4/openshift-artifactory-ha/helminstall.sh
View File

@@ -1,8 +1,22 @@
#!/usr/bin/env bash #!/usr/bin/env bash
if [[ -z "$1" ]] # PreReq'd:
then # helm install postgres bitnami/postgresql
echo "Skipping creation of persistent volume examples. Ensure there is available PVs 200Gi per node for HA." # follow artifactory postgresql db setup:
# https://www.jfrog.com/confluence/display/JFROG/PostgreSQL
POSTGRES=$(helm ls | grep postgres | wc -l)
if [[ "$POSTGRES" =~ (0) ]]
then
echo "External DB is required to run Jfrog Openshift Artifactory Helm chart"
echo ""
echo "Postgresql helm chart must be installed prior to installing this helm installer script."
echo ""
echo "helm install postgres bitnami/postgresql"
echo ""
echo "follow artifactory postgresql db setup:"
echo "https://www.jfrog.com/confluence/display/JFROG/PostgreSQL"
exit 1
else else
# patch the restricted scc to allow the pods to run as anyuid # patch the restricted scc to allow the pods to run as anyuid
oc patch scc restricted --patch '{"fsGroup":{"type":"RunAsAny"},"runAsUser":{"type":"RunAsAny"},"seLinuxContext":{"type":"RunAsAny"}}' --type=merge oc patch scc restricted --patch '{"fsGroup":{"type":"RunAsAny"},"runAsUser":{"type":"RunAsAny"},"seLinuxContext":{"type":"RunAsAny"}}' --type=merge
@@ -12,9 +26,14 @@ else
# create the tls secret # create the tls secret
oc create secret tls tls-ingress --cert=tls.crt --key=tls.key oc create secret tls tls-ingress --cert=tls.crt --key=tls.key
fi fi
# install via helm # install via helm with default postgresql configuration
helm install artifactory-ha . \ helm install artifactory-ha . \
--set artifactory-ha.nginx.tlsSecretName=tls-ingress \ --set artifactory-ha.nginx.tlsSecretName=tls-ingress \
--set artifactory-ha.artifactory.license.secret=artifactory-license,artifactory-ha.artifactory.license.dataKey=artifactory.cluster.license --set artifactory-ha.artifactory.license.secret=artifactory-license,artifactory-ha.artifactory.license.dataKey=artifactory.cluster.license \
--set artifactory-ha.database.type=postgresql \
--set artifactory-ha.database.driver=org.postgresql.Driver \
--set artifactory-ha.database.url=jdbc:postgresql://postgres-postgresql:5432/artifactory \
--set artifactory-ha.database.user=artifactory \
--set artifactory-ha.database.password=password

6
Openshift4/openshift-artifactory-ha/requirements.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: artifactory-ha - name: artifactory-ha
repository: https://charts.jfrog.io/ repository: https://charts.jfrog.io/
version: 2.2.9 version: 2.3.0
digest: sha256:65c1deae2ede50a40b62012243657a2ebfcc05bbd5b7f95bd8786bbb9425f13b digest: sha256:1a0b97f17a29da8dfe7f7dfbf5860258f216d1d82b06ffb55733b85f09e7cbaf
generated: "2020-04-10T10:49:58.221628-07:00" generated: "2020-04-13T11:22:22.813393-07:00"

6
Openshift4/openshift-artifactory-ha/values.yaml
View File

@@ -12,10 +12,6 @@ artifactory-ha:
url: "OVERRIDE" url: "OVERRIDE"
user: "OVERRIDE" user: "OVERRIDE"
password: "OVERRIDE" password: "OVERRIDE"
###################################
# DO NOT EDIT FURTHER
###################################
initContainerImage: registry.redhat.io/ubi8-minimal initContainerImage: registry.redhat.io/ubi8-minimal
waitForDatabase: false waitForDatabase: false
installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }' installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
@@ -40,6 +36,7 @@ artifactory-ha:
repository: registry.connect.redhat.com/jfrog/artifactory-pro repository: registry.connect.redhat.com/jfrog/artifactory-pro
version: 7.3.2 version: 7.3.2
node: node:
replicaCount: 2
waitForPrimaryStartup: waitForPrimaryStartup:
enabled: false enabled: false
masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
@@ -49,6 +46,7 @@ artifactory-ha:
image: image:
repository: registry.redhat.io/rhel8/nginx-116 repository: registry.redhat.io/rhel8/nginx-116
version: latest version: latest
## K8S secret name for the TLS secret to be used for SSL
tlsSecretName: "OVERRIDE" tlsSecretName: "OVERRIDE"
http: http:
externalPort: 80 externalPort: 80