renuka-fernando/choreo-connect-openshift-routers.yaml

## choreo-connect-openshift-routers.yaml

kind: Route
apiVersion: route.openshift.io/v1
metadata:
  name: adapter
  namespace: cc
  labels:
    app.kubernetes.io/component: choreo-connect-adapter
    app.kubernetes.io/instance: foo
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: choreo-connect
    app.kubernetes.io/version: 1.0.0
    helm.sh/chart: choreo-connect-1.0.0-1
spec:
  host: adapter.wso2.com
  to:
    kind: Service
    name: foo-choreo-connect-adapter
    weight: 100
  port:
    targetPort: https-adapter
  tls:
    termination: passthrough
    insecureEdgeTerminationPolicy: None
  wildcardPolicy: None

---

kind: Route
apiVersion: route.openshift.io/v1
metadata:
  name: router
  namespace: cc
  labels:
    app.kubernetes.io/component: choreo-connect-gateway-runtime
    app.kubernetes.io/instance: foo
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: choreo-connect
    app.kubernetes.io/version: 1.0.0
    helm.sh/chart: choreo-connect-1.0.0-1
spec:
  host: gw.wso2.com
  to:
    kind: Service
    name: foo-choreo-connect-router
    weight: 100
  port:
    targetPort: https-router
  tls:
    termination: passthrough
    insecureEdgeTerminationPolicy: None
  wildcardPolicy: None

## choreo-connect-openshift.yaml
# ServiceAccount wso2am-pattern-1-svc-account
apiVersion: v1
kind: ServiceAccount
metadata:
  name: wso2am-pattern-1-svc-account
  namespace: cc

---

# SecurityContextConstraints wso2am-pattern-1-svc-account
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
  name: wso2am-pattern-1-svc-account
runAsUser:
  type: RunAsAny
seLinuxContext:
  type: RunAsAny
supplementalGroups:
  type: RunAsAny
users:
- system:serviceaccount:cc:wso2am-pattern-1-svc-account
volumes:
- '*'
  # additional by renuka: since these are required in openshift 4
allowPrivilegedContainer: false
allowHostNetwork: false
allowHostPorts: false
allowHostPID: false
allowHostIPC: false
readOnlyRootFilesystem: true
allowHostDirVolumePlugin: true

	kind: Route
	apiVersion: route.openshift.io/v1
	metadata:
	name: adapter
	namespace: cc
	labels:
	app.kubernetes.io/component: choreo-connect-adapter
	app.kubernetes.io/instance: foo
	app.kubernetes.io/managed-by: Helm
	app.kubernetes.io/name: choreo-connect
	app.kubernetes.io/version: 1.0.0
	helm.sh/chart: choreo-connect-1.0.0-1
	spec:
	host: adapter.wso2.com
	to:
	kind: Service
	name: foo-choreo-connect-adapter
	weight: 100
	port:
	targetPort: https-adapter
	tls:
	termination: passthrough
	insecureEdgeTerminationPolicy: None
	wildcardPolicy: None

	---

	kind: Route
	apiVersion: route.openshift.io/v1
	metadata:
	name: router
	namespace: cc
	labels:
	app.kubernetes.io/component: choreo-connect-gateway-runtime
	app.kubernetes.io/instance: foo
	app.kubernetes.io/managed-by: Helm
	app.kubernetes.io/name: choreo-connect
	app.kubernetes.io/version: 1.0.0
	helm.sh/chart: choreo-connect-1.0.0-1
	spec:
	host: gw.wso2.com
	to:
	kind: Service
	name: foo-choreo-connect-router
	weight: 100
	port:
	targetPort: https-router
	tls:
	termination: passthrough
	insecureEdgeTerminationPolicy: None
	wildcardPolicy: None
	# ServiceAccount wso2am-pattern-1-svc-account
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: wso2am-pattern-1-svc-account
	namespace: cc

	---

	# SecurityContextConstraints wso2am-pattern-1-svc-account
	apiVersion: security.openshift.io/v1
	kind: SecurityContextConstraints
	metadata:
	name: wso2am-pattern-1-svc-account
	runAsUser:
	type: RunAsAny
	seLinuxContext:
	type: RunAsAny
	supplementalGroups:
	type: RunAsAny
	users:
	- system:serviceaccount:cc:wso2am-pattern-1-svc-account
	volumes:
	- '*'
	# additional by renuka: since these are required in openshift 4
	allowPrivilegedContainer: false
	allowHostNetwork: false
	allowHostPorts: false
	allowHostPID: false
	allowHostIPC: false
	readOnlyRootFilesystem: true
	allowHostDirVolumePlugin: true