|
apiVersion: app.kiegroup.org/v2 |
|
kind: KieApp |
|
metadata: |
|
name: pam |
|
spec: |
|
# Use this snippet to deploy a prior product version |
|
# version: 7.11.1 |
|
# Use this snippet to setup the openshift CA bundle as a truststore |
|
# truststore: |
|
# openshiftCaBundle: true |
|
# auth: |
|
# sso: |
|
# adminPassword: pwd |
|
# adminUser: admin #NOTE: remember to add Client Roles: realm-management -> realm-admin role to the admin user on RH-SSO |
|
# disableSSLCertValidation: true |
|
# realm: demo |
|
# url: https://keycloak-example.redhat.com/auth |
|
commonConfig: |
|
adminPassword: 'yours passwd here' |
|
adminUser: pamAdmin |
|
#Use this snippet to disable SSL routes |
|
disableSsl: true |
|
environment: rhpam-authoring |
|
objects: |
|
console: |
|
# integrate with RH-SSH |
|
# ssoClient: |
|
# name: kie-server |
|
# secret: someOtherPwd |
|
#env: |
|
# - name: KIE_SERVER_CONTROLLER_OPENSHIFT_ENABLED |
|
# value: "false" |
|
jvm: |
|
javaOptsAppend: >- |
|
-Dorg.uberfire.metadata.index.dir=/opt/kie/data |
|
# gitHooks: |
|
# from: |
|
# kind: PersistentVolumeClaim |
|
# name: githook-pvc |
|
env: |
|
name: LOGGER_CATEGORIES |
|
value: org.guvnor.m2repo:DEBUG,org.appformer.maven:DEBUG,org.eclipse.aether:TRACE,org.kie:DEBUG |
|
resources: |
|
requests: |
|
memory: 4Gi |
|
servers: |
|
- database: |
|
size: 10Gi |
|
type: postgresql |
|
jvm: |
|
javaOptsAppend: >- |
|
-Dorg.jbpm.document.storage=/data/document-storage |
|
env: |
|
#- name: KIE_SERVER_ROUTE_NAME |
|
# value: http-runtime-server |
|
#- name: KIE_SERVER_STARTUP_STRATEGY |
|
# value: "ControllerBasedStartupStrategy" |
|
- name: DROOLS_SERVER_FILTER_CLASSES |
|
value: 'false' |
|
- name: FILTERS |
|
value: >- |
|
AC_ALLOW_ORIGIN,AC_ALLOW_METHODS,AC_ALLOW_HEADERS,AC_ALLOW_CREDENTIALS,AC_MAX_AGE |
|
- name: AC_ALLOW_ORIGIN_FILTER_RESPONSE_HEADER_NAME |
|
value: Access-Control-Allow-Origin |
|
- name: AC_ALLOW_ORIGIN_FILTER_RESPONSE_HEADER_VALUE |
|
value: '*' |
|
- name: AC_ALLOW_METHODS_FILTER_RESPONSE_HEADER_NAME |
|
value: Access-Control-Allow-Methods |
|
- name: AC_ALLOW_METHODS_FILTER_RESPONSE_HEADER_VALUE |
|
value: 'GET, POST, OPTIONS, PUT' |
|
- name: AC_ALLOW_HEADERS_FILTER_RESPONSE_HEADER_NAME |
|
value: Access-Control-Allow-Headers |
|
- name: AC_ALLOW_HEADERS_FILTER_RESPONSE_HEADER_VALUE |
|
value: >- |
|
Accept, Authorization, Content-Type, X-Requested-With, |
|
x-kie-contenttype |
|
- name: AC_ALLOW_CREDENTIALS_FILTER_RESPONSE_HEADER_NAME |
|
value: Access-Control-Allow-Credentials |
|
- name: AC_ALLOW_CREDENTIALS_FILTER_RESPONSE_HEADER_VALUE |
|
value: 'true' |
|
- name: AC_MAX_AGE_FILTER_RESPONSE_HEADER_NAME |
|
value: Access-Control-Max-Age |
|
- name: AC_MAX_AGE_FILTER_RESPONSE_HEADER_VALUE |
|
value: '3' |
|
id: remote-ks |
|
name: remote-ks |
|
# in case you wanna refer to a custom image for the kie-server |
|
# image: custom-kieserver-image |
|
# imageTag: latest |
|
# integrate with RH-SSH |
|
# ssoClient: |
|
# name: kie-server |
|
# secret: someOtherPwd |
|
# to use an external database with a custom image |
|
# database: |
|
# externalConfig: |
|
# dialect: org.hibernate.dialect.PostgreSQLDialect |
|
# driver: postgresql |
|
# extensionImage: true |
|
# host: postgresql.rhpam-ext-ds.svc.cluster.local |
|
# name: pamdb |
|
# password: '' |
|
# port: '5432' |
|
# username: '' |
|
# type: external |
|
# build: |
|
# extensionImageStreamTag: 'jboss-kie-postgresql-extension-openshift-image:5.0.0' |
|
# extensionImageStreamTagNamespace: exter-ns-custom |
|
# extensionImageInstallDir: /extensions |
|
# Use this snippet to configure persistence for kie and maven repositories |
|
# persistRepos: true |
|
# serversM2PvSize: "10Gi" |
|
# serversKiePvSize: "150Mi" |
|
replicas: 2 |
|
resources: |
|
requests: |
|
memory: 2Gi |
|
upgrades: {} |
The supported way is to use OLM to install operator.
The OLM installation can be done using UI (standard approach) or alternatively by applying proper OperatorGroup and Subscription YAMLs (installation approach depends on OCP version, better to check with OCP docs [1]):