diff --git a/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml deleted file mode 120000 index 0bbfc8893..000000000 --- a/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../crds/kieapp.crd.yaml \ No newline at end of file diff --git a/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..e754a944e --- /dev/null +++ b/deploy/olm-catalog/dev/7.10.0-2/manifests/kieapp.crd.yaml @@ -0,0 +1,4328 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/dev/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml b/deploy/olm-catalog/dev/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml new file mode 100644 index 000000000..9ee69af3a --- /dev/null +++ b/deploy/olm-catalog/dev/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml @@ -0,0 +1,461 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: '[{"apiVersion":"app.kiegroup.org/v2","kind":"KieApp","metadata":{"name":"rhpam-trial"},"spec":{"environment":"rhpam-trial"}}]' + capabilities: Seamless Upgrades + categories: Integration & Delivery + certified: "false" + containerImage: quay.io/kiegroup/kie-cloud-operator:7.10.1 + createdAt: "2021-04-16 12:35:56" + description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + operators.openshift.io/infrastructure-features: '["Disconnected"]' + repository: https://github.com/kiegroup/kie-cloud-operator + support: Red Hat + tectonic-visibility: ocs + labels: + operator-businessautomation: "true" + operatorframework.io/arch.amd64: supported + operatorframework.io/os.linux: supported + name: businessautomation-operator.7.10.1-3-dev-lvvsp49qjd + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: A project prescription running an RHPAM/RHDM environment. + displayName: KieApp + kind: KieApp + name: kieapps.app.kiegroup.org + resources: + - kind: DeploymentConfig + name: "" + version: apps.openshift.io/v1 + - kind: StatefulSet + name: "" + version: apps/v1 + - kind: Role + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: RoleBinding + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: Route + name: "" + version: route.openshift.io/v1 + - kind: BuildConfig + name: "" + version: build.openshift.io/v1 + - kind: ImageStream + name: "" + version: image.openshift.io/v1 + - kind: Secret + name: "" + version: v1 + - kind: PersistentVolumeClaim + name: "" + version: v1 + - kind: ServiceAccount + name: "" + version: v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - description: Set true to enable automatic micro version product upgrades, it is disabled by default. + displayName: Enable Upgrades + path: upgrades.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable automatic minor product version upgrades, it is disabled by default. Requires spec.upgrades.enabled to be true. + displayName: Include minor version upgrades + path: upgrades.minor + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable image tags, disabled by default. This will leverage image tags instead of the image digests. + displayName: Use Image Tags + path: useImageTags + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Environment deployed. + displayName: Environment + path: environment + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + statusDescriptors: + - description: Product version installed. + displayName: Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: Current phase. + displayName: Status + path: phase + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: The address for accessing Business Central, if it is deployed. + displayName: Business/Decision Central URL + path: consoleHost + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Deployments for the KieApp environment. + displayName: Deployments + path: deployments + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podStatuses + version: v2 + description: |- + Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + + * **Red Hat Process Automation Manager** is a platform for developing containerized microservices and applications that automate business decisions and processes. It includes business process management (BPM), business rules management (BRM), and business resource optimization and complex event processing (CEP) technologies. It also includes a user experience platform to create engaging user interfaces for process and decision services with minimal coding. + + * **Red Hat Decision Manager** is a platform for developing containerized microservices and applications that automate business decisions. It includes business rules management, complex event processing, and resource optimization technologies. Organizations can incorporate sophisticated decision logic into line-of-business applications and quickly update underlying business rules as market conditions change. + + [See more](https://www.redhat.com/en/products/process-automation). + displayName: Business Automation (DEV) + icon: + - base64data: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA3MjEuMTUgNzIxLjE1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2RkMzkyNjt9LmNscy0ye2ZpbGw6I2NjMzQyNzt9LmNscy0ze2ZpbGw6I2ZmZjt9LmNscy00e2ZpbGw6I2U1ZTVlNDt9PC9zdHlsZT48L2RlZnM+PHRpdGxlPlByb2R1Y3RfSWNvbi1SZWRfSGF0LUF1dG9tYXRpb24tUkdCPC90aXRsZT48Y2lyY2xlIGNsYXNzPSJjbHMtMSIgY3g9IjM2MC41NyIgY3k9IjM2MC41NyIgcj0iMzU4LjU4Ii8+PHBhdGggY2xhc3M9ImNscy0yIiBkPSJNNjEzLjc4LDEwNy4wOSwxMDYuNzIsNjE0LjE2YzE0MC4xNCwxMzguNjIsMzY2LjExLDEzOC4xNiw1MDUuNjctMS40Uzc1Mi40LDI0Ny4yNCw2MTMuNzgsMTA3LjA5WiIvPjxwb2x5Z29uIGNsYXNzPSJjbHMtMyIgcG9pbnRzPSIzNzguOTcgMzI3LjQ4IDQ2MS43NyAxNTkuNTcgMjU5LjY3IDE1OS40OSAyNTkuNjcgNDEzLjEgMzA2Ljk3IDQxMy43OCAzOTMuMjcgMzI3LjQ3IDM3OC45NyAzMjcuNDgiLz48cG9seWdvbiBjbGFzcz0iY2xzLTQiIHBvaW50cz0iMzU5LjYgNTc4LjA2IDQ4Mi41NSAzMjcuNDUgMzkzLjI3IDMyNy40NyAzMDYuOTcgNDEzLjc4IDM1OS42IDQxNC41MiAzNTkuNiA1NzguMDYiLz48L3N2Zz4= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - console.openshift.io + resources: + - consolelinks + - consoleyamlsamples + verbs: + - get + - create + - update + - delete + serviceAccountName: business-automation-operator + deployments: + - name: business-automation-operator + spec: + replicas: 1 + selector: + matchLabels: + name: business-automation-operator + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + name: business-automation-operator + spec: + containers: + - command: + - kie-cloud-operator + env: + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.labels['name'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_UI + value: "true" + - name: DEBUG + value: "false" + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.9.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.9.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.9.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.9.1 + value: registry.redhat.io/amq7/amq-broker:7.7 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.1 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.1 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.1 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.1 + value: registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8:7.10.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.1 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8:7.10.0 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.0 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.0 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.0 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_LATEST + value: registry.redhat.io/openshift4/ose-oauth-proxy:latest + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.7 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.7 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.6 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.6 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.5 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.5 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.4 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.4 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.3 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.3 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.2 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.2 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.1 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.1 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_3 + value: registry.redhat.io/openshift3/oauth-proxy:latest + image: quay.io/kiegroup/kie-cloud-operator:7.10.1 + imagePullPolicy: Always + name: business-automation-operator + resources: {} + serviceAccountName: business-automation-operator + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - services + - services/finalizers + - serviceaccounts + - persistentvolumeclaims + - secrets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/finalizers + - replicasets + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - image.openshift.io + resources: + - images + - imagestreams + - imagestreamimages + - imagestreamtags + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - app.kiegroup.org + resources: + - kieapps + - kieapps/status + - kieapps/finalizers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + - subscriptions + verbs: + - get + - list + - patch + - update + - watch + serviceAccountName: business-automation-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - kieapp + - pam + - decision + - kie + - cloud + - bpm + - process + - automation + - operator + labels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3-dev-lvvsp49qjd + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-process-automation-manager + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.10/#category-deploying-red-hat-process-automation-manager-on-openshift + maintainers: + - email: bsig-cloud@redhat.com + name: Red Hat + maturity: dev + provider: + name: Red Hat + replaces: businessautomation-operator.7.10.1-2 + selector: + matchLabels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3-dev-lvvsp49qjd + version: 7.10.1-3+lvvsp49qjd diff --git a/deploy/olm-catalog/dev/7.10.1-3/manifests/kieapp.crd.yaml b/deploy/olm-catalog/dev/7.10.1-3/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..62a6ef582 --- /dev/null +++ b/deploy/olm-catalog/dev/7.10.1-3/manifests/kieapp.crd.yaml @@ -0,0 +1,4348 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. It + is recommended to test the kjar manually before disabling + this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for immutable + KIE Server configurations for S2I and pre built kjars. + Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. + It is recommended to test the kjar manually before + disabling this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for + immutable KIE Server configurations for S2I and + pre built kjars. Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/dev/7.10.1-3/metadata/annotations.yaml b/deploy/olm-catalog/dev/7.10.1-3/metadata/annotations.yaml new file mode 100644 index 000000000..724337620 --- /dev/null +++ b/deploy/olm-catalog/dev/7.10.1-3/metadata/annotations.yaml @@ -0,0 +1,10 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: businessautomation-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v0.19.2 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go diff --git a/deploy/olm-catalog/dev/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml b/deploy/olm-catalog/dev/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml index 38541ebf4..b5bec4d1b 100644 --- a/deploy/olm-catalog/dev/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/dev/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml @@ -7,7 +7,7 @@ metadata: categories: Integration & Delivery certified: "false" containerImage: quay.io/kiegroup/kie-cloud-operator:7.11.0 - createdAt: "2021-04-08 15:31:30" + createdAt: "2021-04-16 15:53:33" description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. operators.openshift.io/infrastructure-features: '["Disconnected"]' repository: https://github.com/kiegroup/kie-cloud-operator @@ -17,7 +17,7 @@ metadata: operator-businessautomation: "true" operatorframework.io/arch.amd64: supported operatorframework.io/os.linux: supported - name: businessautomation-operator.7.11.0-1-dev-8qfdkpq94c + name: businessautomation-operator.7.11.0-1-dev-xdmmzc5mcg namespace: placeholder spec: apiservicedefinitions: {} @@ -401,7 +401,7 @@ spec: - operator labels: alm-owner-businessautomation: businessautomation-operator - operated-by: businessautomation-operator.7.11.0-1-dev-8qfdkpq94c + operated-by: businessautomation-operator.7.11.0-1-dev-xdmmzc5mcg links: - name: Product Page url: https://access.redhat.com/products/red-hat-process-automation-manager @@ -413,9 +413,9 @@ spec: maturity: dev provider: name: Red Hat - replaces: businessautomation-operator.7.10.1-2 + replaces: businessautomation-operator.7.10.1-3 selector: matchLabels: alm-owner-businessautomation: businessautomation-operator - operated-by: businessautomation-operator.7.11.0-1-dev-8qfdkpq94c - version: 7.11.0-1+8qfdkpq94c + operated-by: businessautomation-operator.7.11.0-1-dev-xdmmzc5mcg + version: 7.11.0-1+xdmmzc5mcg diff --git a/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml deleted file mode 120000 index 0bbfc8893..000000000 --- a/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../crds/kieapp.crd.yaml \ No newline at end of file diff --git a/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..e754a944e --- /dev/null +++ b/deploy/olm-catalog/prod/7.10.0-2/manifests/kieapp.crd.yaml @@ -0,0 +1,4328 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/prod/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml b/deploy/olm-catalog/prod/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml new file mode 100644 index 000000000..051fd9399 --- /dev/null +++ b/deploy/olm-catalog/prod/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml @@ -0,0 +1,461 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: '[{"apiVersion":"app.kiegroup.org/v2","kind":"KieApp","metadata":{"name":"rhpam-trial"},"spec":{"environment":"rhpam-trial"}}]' + capabilities: Seamless Upgrades + categories: Integration & Delivery + certified: "true" + containerImage: registry.stage.redhat.io/rhpam-7/rhpam-rhel8-operator:7.10.1 + createdAt: "2021-04-16 12:35:56" + description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + operators.openshift.io/infrastructure-features: '["Disconnected"]' + repository: https://github.com/kiegroup/kie-cloud-operator + support: Red Hat + tectonic-visibility: ocs + labels: + operator-businessautomation: "true" + operatorframework.io/arch.amd64: supported + operatorframework.io/os.linux: supported + name: businessautomation-operator.7.10.1-3 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: A project prescription running an RHPAM/RHDM environment. + displayName: KieApp + kind: KieApp + name: kieapps.app.kiegroup.org + resources: + - kind: DeploymentConfig + name: "" + version: apps.openshift.io/v1 + - kind: StatefulSet + name: "" + version: apps/v1 + - kind: Role + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: RoleBinding + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: Route + name: "" + version: route.openshift.io/v1 + - kind: BuildConfig + name: "" + version: build.openshift.io/v1 + - kind: ImageStream + name: "" + version: image.openshift.io/v1 + - kind: Secret + name: "" + version: v1 + - kind: PersistentVolumeClaim + name: "" + version: v1 + - kind: ServiceAccount + name: "" + version: v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - description: Set true to enable automatic micro version product upgrades, it is disabled by default. + displayName: Enable Upgrades + path: upgrades.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable automatic minor product version upgrades, it is disabled by default. Requires spec.upgrades.enabled to be true. + displayName: Include minor version upgrades + path: upgrades.minor + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable image tags, disabled by default. This will leverage image tags instead of the image digests. + displayName: Use Image Tags + path: useImageTags + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Environment deployed. + displayName: Environment + path: environment + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + statusDescriptors: + - description: Product version installed. + displayName: Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: Current phase. + displayName: Status + path: phase + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: The address for accessing Business Central, if it is deployed. + displayName: Business/Decision Central URL + path: consoleHost + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Deployments for the KieApp environment. + displayName: Deployments + path: deployments + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podStatuses + version: v2 + description: |- + Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + + * **Red Hat Process Automation Manager** is a platform for developing containerized microservices and applications that automate business decisions and processes. It includes business process management (BPM), business rules management (BRM), and business resource optimization and complex event processing (CEP) technologies. It also includes a user experience platform to create engaging user interfaces for process and decision services with minimal coding. + + * **Red Hat Decision Manager** is a platform for developing containerized microservices and applications that automate business decisions. It includes business rules management, complex event processing, and resource optimization technologies. Organizations can incorporate sophisticated decision logic into line-of-business applications and quickly update underlying business rules as market conditions change. + + [See more](https://www.redhat.com/en/products/process-automation). + displayName: Business Automation + icon: + - base64data: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA3MjEuMTUgNzIxLjE1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2RkMzkyNjt9LmNscy0ye2ZpbGw6I2NjMzQyNzt9LmNscy0ze2ZpbGw6I2ZmZjt9LmNscy00e2ZpbGw6I2U1ZTVlNDt9PC9zdHlsZT48L2RlZnM+PHRpdGxlPlByb2R1Y3RfSWNvbi1SZWRfSGF0LUF1dG9tYXRpb24tUkdCPC90aXRsZT48Y2lyY2xlIGNsYXNzPSJjbHMtMSIgY3g9IjM2MC41NyIgY3k9IjM2MC41NyIgcj0iMzU4LjU4Ii8+PHBhdGggY2xhc3M9ImNscy0yIiBkPSJNNjEzLjc4LDEwNy4wOSwxMDYuNzIsNjE0LjE2YzE0MC4xNCwxMzguNjIsMzY2LjExLDEzOC4xNiw1MDUuNjctMS40Uzc1Mi40LDI0Ny4yNCw2MTMuNzgsMTA3LjA5WiIvPjxwb2x5Z29uIGNsYXNzPSJjbHMtMyIgcG9pbnRzPSIzNzguOTcgMzI3LjQ4IDQ2MS43NyAxNTkuNTcgMjU5LjY3IDE1OS40OSAyNTkuNjcgNDEzLjEgMzA2Ljk3IDQxMy43OCAzOTMuMjcgMzI3LjQ3IDM3OC45NyAzMjcuNDgiLz48cG9seWdvbiBjbGFzcz0iY2xzLTQiIHBvaW50cz0iMzU5LjYgNTc4LjA2IDQ4Mi41NSAzMjcuNDUgMzkzLjI3IDMyNy40NyAzMDYuOTcgNDEzLjc4IDM1OS42IDQxNC41MiAzNTkuNiA1NzguMDYiLz48L3N2Zz4= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - console.openshift.io + resources: + - consolelinks + - consoleyamlsamples + verbs: + - get + - create + - update + - delete + serviceAccountName: business-automation-operator + deployments: + - name: business-automation-operator + spec: + replicas: 1 + selector: + matchLabels: + name: business-automation-operator + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + name: business-automation-operator + spec: + containers: + - command: + - kie-cloud-operator + env: + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.labels['name'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_UI + value: "true" + - name: DEBUG + value: "false" + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.9.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.9.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.9.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.9.1 + value: registry.redhat.io/amq7/amq-broker:7.7 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhdm-7/rhdm-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.1 + value: registry.stage.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8:7.10.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.1 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8:7.10.0 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.0 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.0 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.0 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_LATEST + value: registry.redhat.io/openshift4/ose-oauth-proxy:latest + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.7 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.7 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.6 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.6 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.5 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.5 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.4 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.4 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.3 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.3 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.2 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.2 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.1 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.1 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_3 + value: registry.redhat.io/openshift3/oauth-proxy:latest + image: registry.stage.redhat.io/rhpam-7/rhpam-rhel8-operator:7.10.1 + imagePullPolicy: Always + name: business-automation-operator + resources: {} + serviceAccountName: business-automation-operator + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - services + - services/finalizers + - serviceaccounts + - persistentvolumeclaims + - secrets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/finalizers + - replicasets + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - image.openshift.io + resources: + - images + - imagestreams + - imagestreamimages + - imagestreamtags + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - app.kiegroup.org + resources: + - kieapps + - kieapps/status + - kieapps/finalizers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + - subscriptions + verbs: + - get + - list + - patch + - update + - watch + serviceAccountName: business-automation-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - kieapp + - pam + - decision + - kie + - cloud + - bpm + - process + - automation + - operator + labels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3 + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-process-automation-manager + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.10/#category-deploying-red-hat-process-automation-manager-on-openshift + maintainers: + - email: bsig-cloud@redhat.com + name: Red Hat + maturity: stable + provider: + name: Red Hat + replaces: businessautomation-operator.7.10.1-2 + selector: + matchLabels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3 + version: 7.10.1-3 diff --git a/deploy/olm-catalog/prod/7.10.1-3/manifests/kieapp.crd.yaml b/deploy/olm-catalog/prod/7.10.1-3/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..62a6ef582 --- /dev/null +++ b/deploy/olm-catalog/prod/7.10.1-3/manifests/kieapp.crd.yaml @@ -0,0 +1,4348 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. It + is recommended to test the kjar manually before disabling + this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for immutable + KIE Server configurations for S2I and pre built kjars. + Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. + It is recommended to test the kjar manually before + disabling this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for + immutable KIE Server configurations for S2I and + pre built kjars. Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/prod/7.10.1-3/metadata/annotations.yaml b/deploy/olm-catalog/prod/7.10.1-3/metadata/annotations.yaml new file mode 100644 index 000000000..724337620 --- /dev/null +++ b/deploy/olm-catalog/prod/7.10.1-3/metadata/annotations.yaml @@ -0,0 +1,10 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: businessautomation-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v0.19.2 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go diff --git a/deploy/olm-catalog/prod/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml b/deploy/olm-catalog/prod/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml index b6f29b64b..dd792443e 100644 --- a/deploy/olm-catalog/prod/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/prod/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml @@ -7,7 +7,7 @@ metadata: categories: Integration & Delivery certified: "true" containerImage: registry.stage.redhat.io/rhpam-7/rhpam-rhel8-operator:7.11.0 - createdAt: "2021-04-08 15:31:30" + createdAt: "2021-04-16 15:53:33" description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. operators.openshift.io/infrastructure-features: '["Disconnected"]' repository: https://github.com/kiegroup/kie-cloud-operator @@ -413,7 +413,7 @@ spec: maturity: stable provider: name: Red Hat - replaces: businessautomation-operator.7.10.1-2 + replaces: businessautomation-operator.7.10.1-3 selector: matchLabels: alm-owner-businessautomation: businessautomation-operator diff --git a/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml deleted file mode 120000 index 0bbfc8893..000000000 --- a/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../crds/kieapp.crd.yaml \ No newline at end of file diff --git a/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml b/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..e754a944e --- /dev/null +++ b/deploy/olm-catalog/test/7.10.0-2/manifests/kieapp.crd.yaml @@ -0,0 +1,4328 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/test/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml b/deploy/olm-catalog/test/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml new file mode 100644 index 000000000..90a956239 --- /dev/null +++ b/deploy/olm-catalog/test/7.10.1-3/manifests/businessautomation-operator.7.10.1-3.clusterserviceversion.yaml @@ -0,0 +1,461 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: '[{"apiVersion":"app.kiegroup.org/v2","kind":"KieApp","metadata":{"name":"rhpam-trial"},"spec":{"environment":"rhpam-trial"}}]' + capabilities: Seamless Upgrades + categories: Integration & Delivery + certified: "true" + containerImage: registry-proxy.engineering.redhat.com/rh-osbs/rhpam-7-rhpam-rhel8-operator:7.10.1 + createdAt: "2021-04-16 12:35:56" + description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + operators.openshift.io/infrastructure-features: '["Disconnected"]' + repository: https://github.com/kiegroup/kie-cloud-operator + support: Red Hat + tectonic-visibility: ocs + labels: + operator-businessautomation: "true" + operatorframework.io/arch.amd64: supported + operatorframework.io/os.linux: supported + name: businessautomation-operator.7.10.1-3-dev-xrfpwjn8b7 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: A project prescription running an RHPAM/RHDM environment. + displayName: KieApp + kind: KieApp + name: kieapps.app.kiegroup.org + resources: + - kind: DeploymentConfig + name: "" + version: apps.openshift.io/v1 + - kind: StatefulSet + name: "" + version: apps/v1 + - kind: Role + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: RoleBinding + name: "" + version: rbac.authorization.k8s.io/v1 + - kind: Route + name: "" + version: route.openshift.io/v1 + - kind: BuildConfig + name: "" + version: build.openshift.io/v1 + - kind: ImageStream + name: "" + version: image.openshift.io/v1 + - kind: Secret + name: "" + version: v1 + - kind: PersistentVolumeClaim + name: "" + version: v1 + - kind: ServiceAccount + name: "" + version: v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - description: Set true to enable automatic micro version product upgrades, it is disabled by default. + displayName: Enable Upgrades + path: upgrades.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable automatic minor product version upgrades, it is disabled by default. Requires spec.upgrades.enabled to be true. + displayName: Include minor version upgrades + path: upgrades.minor + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Set true to enable image tags, disabled by default. This will leverage image tags instead of the image digests. + displayName: Use Image Tags + path: useImageTags + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: Environment deployed. + displayName: Environment + path: environment + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + statusDescriptors: + - description: Product version installed. + displayName: Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: Current phase. + displayName: Status + path: phase + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: The address for accessing Business Central, if it is deployed. + displayName: Business/Decision Central URL + path: consoleHost + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Deployments for the KieApp environment. + displayName: Deployments + path: deployments + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podStatuses + version: v2 + description: |- + Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. + + * **Red Hat Process Automation Manager** is a platform for developing containerized microservices and applications that automate business decisions and processes. It includes business process management (BPM), business rules management (BRM), and business resource optimization and complex event processing (CEP) technologies. It also includes a user experience platform to create engaging user interfaces for process and decision services with minimal coding. + + * **Red Hat Decision Manager** is a platform for developing containerized microservices and applications that automate business decisions. It includes business rules management, complex event processing, and resource optimization technologies. Organizations can incorporate sophisticated decision logic into line-of-business applications and quickly update underlying business rules as market conditions change. + + [See more](https://www.redhat.com/en/products/process-automation). + displayName: Business Automation + icon: + - base64data: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA3MjEuMTUgNzIxLjE1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2RkMzkyNjt9LmNscy0ye2ZpbGw6I2NjMzQyNzt9LmNscy0ze2ZpbGw6I2ZmZjt9LmNscy00e2ZpbGw6I2U1ZTVlNDt9PC9zdHlsZT48L2RlZnM+PHRpdGxlPlByb2R1Y3RfSWNvbi1SZWRfSGF0LUF1dG9tYXRpb24tUkdCPC90aXRsZT48Y2lyY2xlIGNsYXNzPSJjbHMtMSIgY3g9IjM2MC41NyIgY3k9IjM2MC41NyIgcj0iMzU4LjU4Ii8+PHBhdGggY2xhc3M9ImNscy0yIiBkPSJNNjEzLjc4LDEwNy4wOSwxMDYuNzIsNjE0LjE2YzE0MC4xNCwxMzguNjIsMzY2LjExLDEzOC4xNiw1MDUuNjctMS40Uzc1Mi40LDI0Ny4yNCw2MTMuNzgsMTA3LjA5WiIvPjxwb2x5Z29uIGNsYXNzPSJjbHMtMyIgcG9pbnRzPSIzNzguOTcgMzI3LjQ4IDQ2MS43NyAxNTkuNTcgMjU5LjY3IDE1OS40OSAyNTkuNjcgNDEzLjEgMzA2Ljk3IDQxMy43OCAzOTMuMjcgMzI3LjQ3IDM3OC45NyAzMjcuNDgiLz48cG9seWdvbiBjbGFzcz0iY2xzLTQiIHBvaW50cz0iMzU5LjYgNTc4LjA2IDQ4Mi41NSAzMjcuNDUgMzkzLjI3IDMyNy40NyAzMDYuOTcgNDEzLjc4IDM1OS42IDQxNC41MiAzNTkuNiA1NzguMDYiLz48L3N2Zz4= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - console.openshift.io + resources: + - consolelinks + - consoleyamlsamples + verbs: + - get + - create + - update + - delete + serviceAccountName: business-automation-operator + deployments: + - name: business-automation-operator + spec: + replicas: 1 + selector: + matchLabels: + name: business-automation-operator + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + name: business-automation-operator + spec: + containers: + - command: + - kie-cloud-operator + env: + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.labels['name'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_UI + value: "true" + - name: DEBUG + value: "false" + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.9.1 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.9.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.9.1 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.9.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.9.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.9.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.9.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.9.1 + value: registry.redhat.io/amq7/amq-broker:7.7 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhdm-7/rhdm-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhdm-7/rhdm-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhdm-7/rhdm-decisioncentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-kieserver-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-controller-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-businesscentral-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-smartrouter-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-process-migration-rhel8:7.10.1 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.1 + value: registry-proxy.engineering.redhat.com/rhpam-7/rhpam-dashbuilder-rhel8:7.10.1 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.1 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.1 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.1 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.1 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_DM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_DM_DC_IMAGE_7.10.0 + value: registry.redhat.io/rhdm-7/rhdm-decisioncentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_KIESERVER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_CONTROLLER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-controller-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_BC_MONITORING_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_SMARTROUTER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_PROCESS_MIGRATION_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8:7.10.0 + - name: RELATED_IMAGE_PAM_DASHBUILDER_IMAGE_7.10.0 + value: registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8:7.10.0 + - name: RELATED_IMAGE_OSE_CLI_IMAGE_7.10.0 + value: registry.redhat.io/openshift3/ose-cli:v3.11 + - name: RELATED_IMAGE_MYSQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/mysql-80-rhel7:latest + - name: RELATED_IMAGE_POSTGRESQL_PROXY_IMAGE_7.10.0 + value: registry.redhat.io/rhscl/postgresql-10-rhel7:latest + - name: RELATED_IMAGE_DATAGRID_IMAGE_7.10.0 + value: registry.redhat.io/jboss-datagrid-7/datagrid73-openshift:1.6 + - name: RELATED_IMAGE_BROKER_IMAGE_7.10.0 + value: registry.redhat.io/amq7/amq-broker:7.8 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_LATEST + value: registry.redhat.io/openshift4/ose-oauth-proxy:latest + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.7 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.7 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.6 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.6 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.5 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.5 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.4 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.4 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.3 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.3 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.2 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.2 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_4.1 + value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.1 + - name: RELATED_IMAGE_OAUTH_PROXY_IMAGE_3 + value: registry.redhat.io/openshift3/oauth-proxy:latest + image: registry-proxy.engineering.redhat.com/rh-osbs/rhpam-7-rhpam-rhel8-operator:7.10.1 + imagePullPolicy: Always + name: business-automation-operator + resources: {} + serviceAccountName: business-automation-operator + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - services + - services/finalizers + - serviceaccounts + - persistentvolumeclaims + - secrets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/finalizers + - replicasets + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - image.openshift.io + resources: + - images + - imagestreams + - imagestreamimages + - imagestreamtags + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - app.kiegroup.org + resources: + - kieapps + - kieapps/status + - kieapps/finalizers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + - subscriptions + verbs: + - get + - list + - patch + - update + - watch + serviceAccountName: business-automation-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - kieapp + - pam + - decision + - kie + - cloud + - bpm + - process + - automation + - operator + labels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3-dev-xrfpwjn8b7 + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-process-automation-manager + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.10/#category-deploying-red-hat-process-automation-manager-on-openshift + maintainers: + - email: bsig-cloud@redhat.com + name: Red Hat + maturity: test + provider: + name: Red Hat + replaces: businessautomation-operator.7.10.1-2 + selector: + matchLabels: + alm-owner-businessautomation: businessautomation-operator + operated-by: businessautomation-operator.7.10.1-3-dev-xrfpwjn8b7 + version: 7.10.1-3+xrfpwjn8b7 diff --git a/deploy/olm-catalog/test/7.10.1-3/manifests/kieapp.crd.yaml b/deploy/olm-catalog/test/7.10.1-3/manifests/kieapp.crd.yaml new file mode 100644 index 000000000..62a6ef582 --- /dev/null +++ b/deploy/olm-catalog/test/7.10.1-3/manifests/kieapp.crd.yaml @@ -0,0 +1,4348 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kieapps.app.kiegroup.org +spec: + group: app.kiegroup.org + names: + kind: KieApp + listKind: KieAppList + plural: kieapps + singular: kieapp + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of the application deployment + jsonPath: .status.version + name: Version + type: string + - description: The name of the environment used as a baseline + jsonPath: .spec.environment + name: Environment + type: string + - description: The status of the KieApp deployment + jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + description: KieApp is the Schema for the kieapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to be used + by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to begin + the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. A common example + for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry that + contains the DN of the user. This may be necessary if the + DN of the user itself contains special characters, backslash + for example, that prevent correct user mapping. If the attribute + does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The default + value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a query + contains the roleNameAttributeID. If set to true, the DN + is checked for the roleNameAttributeID. If set to false, + the DN is not checked for the roleNameAttributeID. This + flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed for + the username. If set to true, the DN is parsed for the username. + If set to false the DN is not parsed for the username. This + option is used together with usernameBeginString and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes the + attribute name which contains users defined for a certain + role, for example member, if the role object is inside the + referral. Users are checked against the content of this + attribute name. If this option is not set, the check will + always fail, so role objects cannot be stored in a referral + tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains the + fully-qualified DN of a role object. If false, the role + name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles associated + with the authenticated user. The input username or userDN + obtained from the login module callback is substituted into + the filter anywhere a {0} expression is used. The authenticated + userDN is substituted into the filter anywhere a {1} is + used. An example search filter that matches on the input + username is (member={0}). An alternative that matches on + the authenticated userDN is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN context + which contains the role name. If the roleAttributeIsDN property + is set to true, this property is used to find the role object’s + name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role search + will go below a matching context. Disable recursion by setting + this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for user + roles. This is not the DN where the actual roles are, but + the DN where the objects containing the user roles are. + For example, in a Microsoft Active Directory server, this + is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the LDAP + searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated by + space + type: string + usernameBeginString: + description: Defines the String which is to be removed from + the start of the DN to reveal the username. This option + is used together with usernameEndString and only taken into + account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed from + the end of the DN to reveal the username. This option is + used together with usernameBeginString and only taken into + account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will be + configured. + properties: + from: + description: ObjRef contains enough information to let you + inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create the + Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create the + Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the 'openshift' + and local namespaces, the operator will create said imagestreams + locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry is + insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder will + be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known hosts + file. The secret must contain two files: id_rsa and + known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations that + can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the Runtime + Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if a property + is set mode than once, the one from this property file + will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the Runtime + Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ExternalCompDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/components + directory will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs are + stored. If PersistentConfigs is enabled and ImportsBaseDir + is not pointing to a already existing PV the /opt/kie/dashbuilder/imports + directory will be used. If ImportFileLocation is set + ImportsBaseDir will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual model + file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default value + is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new imports + (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards (in + kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new heap + size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate a default initial + heap memory based on the maximum heap memory. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xms' is set to a ratio of + the '-Xmx' memory as set here. The default is '25' which + means 25% of the '-Xmx' is used as the initial heap + size. You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. e.g. + '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given in + JAVA_OPTS. This is used to calculate the maximum value + of the initial heap memory. If used in a container without + any memory constraints for the container then this option + has no effect. If there is a memory constraint then + '-Xms' is limited to the value set here. The default + is 4096Mb which means the calculated value of '-Xms' + never will be greater than 4096Mb. The value of this + variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given in + JAVA_OPTS. This is used to calculate a default maximal + heap memory based on a containers restriction. If used + in a container without any memory constraints for the + container then this option has no effect. If there is + a memory constraint then '-Xmx' is set to a ratio of + the container available memory as set here. The default + is '50' which means 50% of the available memory is used + as an upper boundary. You can skip this mechanism by + setting this value to '0' in which case no '-Xmx' option + is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how a + Process Migration server will manage and create a new Database + or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the configured + datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the configured + datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for custom + image. + type: string + imageTag: + description: The image tag to use for Process Instance Migration + e.g. 7.9.0, this param is optional for custom image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a single + set, or for multiple sets if deployments is set to >1 + properties: + build: + description: KieAppBuildObject Data to define how to build + an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If unspecified, + all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. It + is recommended to test the kjar manually before disabling + this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for immutable + KIE Server configurations for S2I and pre built kjars. + Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the extensions + image where the extensions are located (e.g. install.sh, + modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For example, + custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers and + configuration is located. Defaults to openshift namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate the + source code to build + properties: + contextDir: + description: Context/subdirectory where the code + is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a given + webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer will + manage and create a new Database or connect to an existing + one + properties: + externalConfig: + description: ExternalDatabaseObject configuration definition + of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to background-validation, + if set to false the validate-on-match method will + be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. For + example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should be + broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can be + XA or NONXA. For non XA set it to true. Default + value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to create. + For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification to + be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, if + will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be used. + type: string + amqSecretName: + description: The name of a secret containing AMQ SSL + related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. Default + is false. + type: boolean + enableIntegration: + description: When set to true will configure the KIE + Server with JMS integration, if no configuration is + added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, disabled + by default. + type: boolean + password: + description: AMQ broker password to connect do the AMQ, + generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for JMS, + example queue/CUSTOM.KIE.SERVER.AUDIT, default is + queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, example + queue/CUSTOM.KIE.SERVER.EXECUTOR, default is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, example + queue/CUSTOM.KIE.SERVER.REQUEST, default is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, example + queue/CUSTOM.KIE.SERVER.RESPONSE, default is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, example + queue/CUSTOM.KIE.SERVER.SIGNAL, default is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the AMQ, + generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used by the + KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC time + versus previous GC times when determining the new + heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of this + variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after GC + to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after GC + to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent outside + the garbage collection (for example, the time spent + for application execution) to the time spent in the + garbage collection, it's desirable that not more than + 1 / (1 + n) e.g. 99 and means 1% spent on gc, 4 means + spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The default + is '25' which means 25% of the '-Xmx' is used as the + initial heap size. You can skip this mechanism by + setting this value to '0' in which case no '-Xms' + option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container then + this option has no effect. If there is a memory constraint + then '-Xms' is limited to the value set here. The + default is 4096Mb which means the calculated value + of '-Xms' never will be greater than 4096Mb. The value + of this variable is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as set + here. The default is '50' which means 50% of the available + memory is used as an upper boundary. You can skip + this mechanism by setting this value to '0' in which + case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the SSO + integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM smart + router + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, this + param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param is + optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the external + smartrouter route to communicate with it. Note that, valid + SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should be allowed + when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. This + will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + status: + description: KieAppStatus - The status for custom resources managed by + the operator-sdk. + properties: + applied: + description: KieAppSpec defines the desired state of KieApp + properties: + auth: + description: KieAppAuthObject Authentication specification to + be used by the KieApp + properties: + ldap: + description: LDAPAuthConfig Authentication configuration for + LDAP + properties: + baseCtxDN: + description: LDAP Base DN of the top-level context to + begin the user search. + type: string + baseFilter: + description: DAP search filter used to locate the context + of the user to authenticate. The input username or userDN + obtained from the login module callback is substituted + into the filter anywhere a {0} expression is used. A + common example for the search filter is (uid={0}). + type: string + bindCredential: + description: LDAP Credentials used for authentication + format: password + type: string + bindDN: + description: Bind DN used for authentication + type: string + defaultRole: + description: A role included for all authenticated users + type: string + distinguishedNameAttribute: + description: The name of the attribute in the user entry + that contains the DN of the user. This may be necessary + if the DN of the user itself contains special characters, + backslash for example, that prevent correct user mapping. + If the attribute does not exist, the entry’s DN is used. + type: string + jaasSecurityDomain: + description: The JMX ObjectName of the JaasSecurityDomain + used to decrypt the password. + type: string + loginModule: + description: A flag to set login module to optional. The + default value is required + enum: + - optional + - required + type: string + parseRoleNameFromDN: + description: A flag indicating if the DN returned by a + query contains the roleNameAttributeID. If set to true, + the DN is checked for the roleNameAttributeID. If set + to false, the DN is not checked for the roleNameAttributeID. + This flag can improve the performance of LDAP queries. + type: boolean + parseUsername: + description: A flag indicating if the DN is to be parsed + for the username. If set to true, the DN is parsed for + the username. If set to false the DN is not parsed for + the username. This option is used together with usernameBeginString + and usernameEndString. + type: boolean + referralUserAttributeIDToCheck: + description: If you are not using referrals, you can ignore + this option. When using referrals, this option denotes + the attribute name which contains users defined for + a certain role, for example member, if the role object + is inside the referral. Users are checked against the + content of this attribute name. If this option is not + set, the check will always fail, so role objects cannot + be stored in a referral tree. + type: string + roleAttributeID: + description: Name of the attribute containing the user + roles. + type: string + roleAttributeIsDN: + description: Whether or not the roleAttributeID contains + the fully-qualified DN of a role object. If false, the + role name is taken from the value of the roleNameAttributeId + attribute of the context name. Certain directory schemas, + such as Microsoft Active Directory, require this attribute + to be set to true. + type: boolean + roleFilter: + description: A search filter used to locate the roles + associated with the authenticated user. The input username + or userDN obtained from the login module callback is + substituted into the filter anywhere a {0} expression + is used. The authenticated userDN is substituted into + the filter anywhere a {1} is used. An example search + filter that matches on the input username is (member={0}). + An alternative that matches on the authenticated userDN + is (member={1}). + type: string + roleNameAttributeID: + description: Name of the attribute within the roleCtxDN + context which contains the role name. If the roleAttributeIsDN + property is set to true, this property is used to find + the role object’s name attribute. + type: string + roleRecursion: + description: The number of levels of recursion the role + search will go below a matching context. Disable recursion + by setting this to 0. + format: int16 + type: integer + rolesCtxDN: + description: The fixed DN of the context to search for + user roles. This is not the DN where the actual roles + are, but the DN where the objects containing the user + roles are. For example, in a Microsoft Active Directory + server, this is the DN where the user account is. + type: string + searchScope: + description: SearchScopeType Type used to define how the + LDAP searches are performed + enum: + - SUBTREE_SCOPE + - OBJECT_SCOPE + - ONELEVEL_SCOPE + type: string + searchTimeLimit: + description: The timeout in milliseconds for user or role + searches. + format: int32 + type: integer + url: + description: LDAP endpoint to connect for authentication. + For failover set two or more LDAP endpoints separated + by space + type: string + usernameBeginString: + description: Defines the String which is to be removed + from the start of the DN to reveal the username. This + option is used together with usernameEndString and only + taken into account if parseUsername is set to true. + type: string + usernameEndString: + description: Defines the String which is to be removed + from the end of the DN to reveal the username. This + option is used together with usernameBeginString and + only taken into account if parseUsername is set to true. + type: string + required: + - url + type: object + roleMapper: + description: When present, the RoleMapping Login Module will + be configured. + properties: + from: + description: ObjRef contains enough information to let + you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + replaceRole: + type: boolean + rolesProperties: + type: string + required: + - rolesProperties + type: object + sso: + description: SSOAuthConfig Authentication configuration for + SSO + properties: + adminPassword: + description: RH-SSO Realm Admin Password used to create + the Client + format: password + type: string + adminUser: + description: RH-SSO Realm Admin Username used to create + the Client if it doesn't exist + type: string + disableSSLCertValidation: + description: RH-SSO Disable SSL Certificate Validation + type: boolean + principalAttribute: + description: RH-SSO Principal Attribute to use as username + type: string + realm: + description: RH-SSO Realm name + type: string + url: + description: RH-SSO URL + type: string + required: + - realm + - url + type: object + type: object + commonConfig: + description: CommonConfig variables used in the templates + properties: + adminPassword: + description: The password to use for the adminUser. + format: password + type: string + adminUser: + description: The user to use for the admin. + type: string + amqClusterPassword: + description: The password to use for amq cluster user. + format: password + type: string + amqPassword: + description: The password to use for amq user. + format: password + type: string + applicationName: + description: The name of the application deployment. + type: string + dbPassword: + description: The password to use for databases. + format: password + type: string + keyStorePassword: + description: The password to use for keystore generation. + format: password + type: string + type: object + environment: + description: The name of the environment used as a baseline + enum: + - rhdm-authoring-ha + - rhdm-authoring + - rhdm-production-immutable + - rhdm-trial + - rhpam-authoring-ha + - rhpam-authoring + - rhpam-production-immutable + - rhpam-production + - rhpam-standalone-dashbuilder + - rhpam-trial + type: string + imageRegistry: + description: If required imagestreams are missing in both the + 'openshift' and local namespaces, the operator will create said + imagestreams locally using the registry specified here. + properties: + insecure: + description: A flag used to indicate the specified registry + is insecure. Defaults to 'false'. + type: boolean + registry: + description: Image registry's base 'url:port'. e.g. registry.example.com:5000. + Defaults to 'registry.redhat.io'. + type: string + type: object + objects: + description: Configuration of the RHPAM components + properties: + console: + description: ConsoleObject configuration of the RHPAM workbench + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitHooks: + description: GitHooksVolume GitHooks volume configuration + properties: + from: + description: ObjRef contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ConfigMap + - Secret + - PersistentVolumeClaim + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + mountPath: + description: Absolute path where the gitHooks folder + will be mounted. + type: string + sshSecret: + description: 'Secret to use for ssh key and known + hosts file. The secret must contain two files: id_rsa + and known_hosts.' + type: string + type: object + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + pvSize: + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + dashbuilder: + description: DashbuilderObject configuration of the RHPAM + Dashbuilder + properties: + config: + description: DashbuilderConfig holds all configurations + that can be applied to the Dashbuilder env + properties: + allowExternalFileRegister: + description: Allow download of external (remote) files + into runtime. Default value is false + type: boolean + componentEnable: + description: When set to true enables external components. + type: boolean + componentPartition: + description: Components will be partitioned by the + Runtime Model ID. Default value is true + type: boolean + configMapProps: + description: Properties file with Dashbuilder configurations, + if set, uniq properties will be appended and, if + a property is set mode than once, the one from this + property file will be used. + type: string + dataSetPartition: + description: Datasets IDs will partitioned by the + Runtime Model ID. Default value is true + type: boolean + enableBusinessCentral: + description: Enables integration with Business Central + type: boolean + enableKieServer: + description: Enables integration with KIE Server + type: boolean + externalCompDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ExternalCompDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/components directory + will be used. + type: string + importFileLocation: + description: Set a static dashboard to run with runtime. + When this property is set no new imports are allowed. + type: string + importsBaseDir: + description: Base Directory where dashboards ZIPs + are stored. If PersistentConfigs is enabled and + ImportsBaseDir is not pointing to a already existing + PV the /opt/kie/dashbuilder/imports directory will + be used. If ImportFileLocation is set ImportsBaseDir + will be ignored. + type: string + kieServerDataSets: + description: Defines the KIE Server Datasets access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + kieServerTemplates: + description: Defines the KIE Server Templates access + configurations + items: + properties: + location: + type: string + name: + type: string + password: + type: string + replaceQuery: + type: string + token: + type: string + user: + type: string + type: object + type: array + modelFileRemoval: + description: When enabled will also remove actual + model file from file system. Default value is false. + type: boolean + modelUpdate: + description: Allows Runtime to check model last update + in FS to update its content. Default value is true. + type: boolean + persistentConfigs: + description: Make Dashbuilder not ephemeral. If ImportFileLocation + is set PersistentConfigs will be ignored. Default + value is true. + type: boolean + runtimeMultipleImport: + description: Runtime will always allow use of new + imports (multi tenancy). Default value is false. + type: boolean + uploadSize: + description: Limits the size of uploaded dashboards + (in kb). Default value is 10485760 kb. + format: int64 + type: integer + type: object + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jvm: + description: JvmObject JVM specification to be used by + the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current GC + time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE command-line + options to specify the required GC, which will override + the default of '-XX:+UseParallelOldGC'. e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega bytes + unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. Disabled + by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap memory. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xms' is set + to a ratio of the '-Xmx' memory as set here. The + default is '25' which means 25% of the '-Xmx' is + used as the initial heap size. You can skip this + mechanism by setting this value to '0' in which + case no '-Xms' option is added. e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a container + without any memory constraints for the container + then this option has no effect. If there is a memory + constraint then '-Xms' is limited to the value set + here. The default is 4096Mb which means the calculated + value of '-Xms' never will be greater than 4096Mb. + The value of this variable is expressed in MB. e.g. + '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is set + to a ratio of the container available memory as + set here. The default is '50' which means 50% of + the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + processMigration: + description: ProcessMigrationObject configuration of the RHPAM + PIM + properties: + database: + description: ProcessMigrationDatabaseObject Defines how + a Process Migration server will manage and create a + new Database or connect to an existing one + properties: + externalConfig: + description: CommonExtDBObjectRequiredURL common configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method to + background-validation, if set to false the validate-on-match + method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + jdbcURL: + description: Database JDBC URL. For example, jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for the + configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for the + configured datasource. + type: string + password: + description: External database password + format: password + type: string + username: + description: External database username + type: string + required: + - driver + - jdbcURL + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + image: + description: The image to use for Process Instance Migration + e.g. rhpam-process-migration-rhel8, this param is optional + for custom image. + type: string + imageContext: + description: The image context to use for Process Instance + Migration e.g. rhpam-7, this param is optional for + custom image. + type: string + imageTag: + description: The image tag to use for Process Instance + Migration e.g. 7.9.0, this param is optional for custom + image. + type: string + type: object + servers: + description: Configuration of the each individual KIE server + items: + description: KieServerSet KIE Server configuration for a + single set, or for multiple sets if deployments is set + to >1 + properties: + build: + description: KieAppBuildObject Data to define how to + build an application from source + properties: + artifactDir: + description: List of directories from which archives + will be copied into the deployment folder. If + unspecified, all archives in /target will be copied. + type: string + disableKCVerification: + description: Disable Maven KIE Jar verification. + It is recommended to test the kjar manually before + disabling this verification. + type: boolean + disablePullDeps: + description: Disable Maven pull dependencies for + immutable KIE Server configurations for S2I and + pre built kjars. Useful for pre-compiled kjar. + type: boolean + env: + description: Env set environment variables for BuildConfigs + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. The + $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extensionImageInstallDir: + description: Full path to the directory within the + extensions image where the extensions are located + (e.g. install.sh, modules/, etc.). + type: string + extensionImageStreamTag: + description: ImageStreamTag definition for the image + containing the drivers and configuration. For + example, custom-driver-image:7.7.0. + type: string + extensionImageStreamTagNamespace: + description: Namespace within which the ImageStream + definition for the image containing the drivers + and configuration is located. Defaults to openshift + namespace. + type: string + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + gitSource: + description: GitSource Git coordinates to locate + the source code to build + properties: + contextDir: + description: Context/subdirectory where the + code is located, relatively to repo root + type: string + reference: + description: Branch to use in the git repository + type: string + uri: + description: Git URI for the s2i source + type: string + required: + - reference + - uri + type: object + kieServerContainerDeployment: + description: The Maven GAV to deploy, e.g., rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.5.0-SNAPSHOT + type: string + mavenMirrorURL: + description: Maven mirror to use for S2I builds + type: string + webhooks: + items: + description: WebhookSecret Secret to use for a + given webhook + properties: + secret: + type: string + type: + description: WebhookType literal type to distinguish + between different types of Webhooks + enum: + - GitHub + - Generic + type: string + required: + - secret + - type + type: object + minItems: 1 + type: array + type: object + database: + description: DatabaseObject Defines how a KieServer + will manage and create a new Database or connect to + an existing one + properties: + externalConfig: + description: ExternalDatabaseObject configuration + definition of an external database + properties: + backgroundValidation: + description: Sets the sql validation method + to background-validation, if set to false + the validate-on-match method will be used. + type: string + backgroundValidationMillis: + description: Defines the interval for the background-validation + check for the jdbc connections. + type: string + connectionChecker: + description: An org.jboss.jca.adapters.jdbc.ValidConnectionChecker + that provides a SQLException isValidConnection(Connection + e) method to validate if a connection is valid. + type: string + dialect: + description: Hibernate dialect class to use. + For example, org.hibernate.dialect.MySQL8Dialect + type: string + driver: + description: Driver name to use. For example, + mysql + type: string + exceptionSorter: + description: An org.jboss.jca.adapters.jdbc.ExceptionSorter + that provides a boolean isExceptionFatal(SQLException + e) method to validate if an exception should + be broadcast to all javax.resource.spi.ConnectionEventListener + as a connectionErrorOccurred. + type: string + host: + description: Database Host. For example, mydb.example.com + type: string + jdbcURL: + description: Database JDBC URL. For example, + jdbc:mysql:mydb.example.com:3306/rhpam + type: string + maxPoolSize: + description: Sets xa-pool/max-pool-size for + the configured datasource. + type: string + minPoolSize: + description: Sets xa-pool/min-pool-size for + the configured datasource. + type: string + name: + description: Database Name. For example, rhpam + type: string + nonXA: + description: Sets the datasources type. It can + be XA or NONXA. For non XA set it to true. + Default value is false. + type: string + password: + description: External database password + format: password + type: string + port: + description: Database Port. For example, 3306 + type: string + username: + description: External database username + type: string + required: + - dialect + - driver + - password + - username + type: object + size: + description: Size of the PersistentVolumeClaim to + create. For example, 100Gi + type: string + storageClassName: + description: The storageClassName to use for database + pvc's. + type: string + type: + description: Database type to use + enum: + - mysql + - postgresql + - external + - h2 + type: string + required: + - type + type: object + deployments: + description: Number of Server sets that will be deployed + format: int + type: integer + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + description: ImageObjRef contains enough information + to let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + enum: + - ImageStreamTag + - DockerImage + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + required: + - kind + - name + type: object + id: + description: Server ID + type: string + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, + this param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + jms: + description: KieAppJmsObject messaging specification + to be used by the KieApp + properties: + amqEnableSSL: + description: Not intended to be set by the user, + if will be set to true if all required SSL parameters + are set. + type: boolean + amqKeystoreName: + description: The name of the AMQ keystore file. + type: string + amqKeystorePassword: + description: The password for the AMQ keystore and + certificate. + format: password + type: string + amqQueues: + description: AMQ broker broker comma separated queues, + if empty the values from default queues will be + used. + type: string + amqSecretName: + description: The name of a secret containing AMQ + SSL related files. + type: string + amqTruststoreName: + description: The name of the AMQ SSL Trust Store + file. + type: string + amqTruststorePassword: + description: The password for the AMQ Trust Store. + format: password + type: string + auditTransacted: + description: Determines if JMS session is transacted + or not - default true. + type: boolean + enableAudit: + description: Enable the Audit logging through JMS. + Default is false. + type: boolean + enableIntegration: + description: When set to true will configure the + KIE Server with JMS integration, if no configuration + is added, the default will be used. + type: boolean + enableSignal: + description: Enable the Signal configuration through + JMS. Default is false. + type: boolean + executor: + description: Set false to disable the JMS executor, + it is enabled by default. + type: boolean + executorTransacted: + description: Enable transactions for JMS executor, + disabled by default. + type: boolean + password: + description: AMQ broker password to connect do the + AMQ, generated if empty. + format: password + type: string + queueAudit: + description: JNDI name of audit logging queue for + JMS, example queue/CUSTOM.KIE.SERVER.AUDIT, default + is queue/KIE.SERVER.AUDIT. + type: string + queueExecutor: + description: JNDI name of executor queue for JMS, + example queue/CUSTOM.KIE.SERVER.EXECUTOR, default + is queue/KIE.SERVER.EXECUTOR. + type: string + queueRequest: + description: JNDI name of request queue for JMS, + example queue/CUSTOM.KIE.SERVER.REQUEST, default + is queue/KIE.SERVER.REQUEST. + type: string + queueResponse: + description: JNDI name of response queue for JMS, + example queue/CUSTOM.KIE.SERVER.RESPONSE, default + is queue/KIE.SERVER.RESPONSE. + type: string + queueSignal: + description: JNDI name of signal queue for JMS, + example queue/CUSTOM.KIE.SERVER.SIGNAL, default + is queue/KIE.SERVER.SIGNAL. + type: string + username: + description: AMQ broker username to connect do the + AMQ, generated if empty. + type: string + required: + - enableIntegration + type: object + jvm: + description: JvmObject JVM specification to be used + by the KieApp + properties: + gcAdaptiveSizePolicyWeight: + description: The weighting given to the current + GC time versus previous GC times when determining + the new heap size. e.g. '90' + format: int32 + type: integer + gcContainerOptions: + description: Specify Java GC to use. The value of + this variable should contain the necessary JRE + command-line options to specify the required GC, + which will override the default of '-XX:+UseParallelOldGC'. + e.g. '-XX:+UseG1GC' + type: string + gcMaxHeapFreeRatio: + description: Maximum percentage of heap free after + GC to avoid shrinking. e.g. '40' + format: int32 + type: integer + gcMaxMetaspaceSize: + description: The maximum metaspace size in Mega + bytes unit e.g. 400 + format: int32 + type: integer + gcMinHeapFreeRatio: + description: Minimum percentage of heap free after + GC to avoid expansion. e.g. '20' + format: int32 + type: integer + gcTimeRatio: + description: Specifies the ratio of the time spent + outside the garbage collection (for example, the + time spent for application execution) to the time + spent in the garbage collection, it's desirable + that not more than 1 / (1 + n) e.g. 99 and means + 1% spent on gc, 4 means spent 20% on gc. + format: int32 + type: integer + javaDebug: + description: If set remote debugging will be switched + on. Disabled by default. e.g. 'true' + type: boolean + javaDebugPort: + description: Port used for remote debugging. Defaults + to 5005. e.g. '8787' + format: int32 + type: integer + javaDiagnostics: + description: Set this to get some diagnostics information + to standard output when things are happening. + Disabled by default. e.g. 'true' + type: boolean + javaInitialMemRatio: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate a default + initial heap memory based on the maximum heap + memory. If used in a container without any memory + constraints for the container then this option + has no effect. If there is a memory constraint + then '-Xms' is set to a ratio of the '-Xmx' memory + as set here. The default is '25' which means 25% + of the '-Xmx' is used as the initial heap size. + You can skip this mechanism by setting this value + to '0' in which case no '-Xms' option is added. + e.g. '25' + format: int32 + type: integer + javaMaxInitialMem: + description: Is used when no '-Xms' option is given + in JAVA_OPTS. This is used to calculate the maximum + value of the initial heap memory. If used in a + container without any memory constraints for the + container then this option has no effect. If there + is a memory constraint then '-Xms' is limited + to the value set here. The default is 4096Mb which + means the calculated value of '-Xms' never will + be greater than 4096Mb. The value of this variable + is expressed in MB. e.g. '4096' + format: int32 + type: integer + javaMaxMemRatio: + description: Is used when no '-Xmx' option is given + in JAVA_OPTS. This is used to calculate a default + maximal heap memory based on a containers restriction. + If used in a container without any memory constraints + for the container then this option has no effect. + If there is a memory constraint then '-Xmx' is + set to a ratio of the container available memory + as set here. The default is '50' which means 50% + of the available memory is used as an upper boundary. + You can skip this mechanism by setting this value + to '0' in which case no '-Xmx' option is added. + format: int32 + type: integer + javaOptsAppend: + description: User specified Java options to be appended + to generated options in JAVA_OPTS. e.g. '-Dsome.property=foo' + type: string + type: object + keystoreSecret: + description: Keystore secret name + type: string + name: + description: Server name + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + ssoClient: + description: SSOAuthClient Auth client to use for the + SSO integration + properties: + hostnameHTTP: + description: Hostname to set as redirect URL + type: string + hostnameHTTPS: + description: Secure hostname to set as redirect + URL + type: string + name: + description: Client name + type: string + secret: + description: Client secret + format: password + type: string + type: object + storageClassName: + description: The storageClassName to use + type: string + type: object + type: array + smartRouter: + description: SmartRouterObject configuration of the RHPAM + smart router + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will + never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: The image to use e.g. rhpam--rhel8, + this param is optional for custom image. + type: string + imageContext: + description: The image context to use e.g. rhpam-7, this + param is optional for custom image. + type: string + imageTag: + description: The image tag to use e.g. 7.9.0, this param + is optional for custom image. + type: string + keystoreSecret: + description: Keystore secret name + type: string + protocol: + description: Smart Router protocol, if no value is provided, + http is the default protocol. + enum: + - http + - https + type: string + replicas: + description: Replicas to set for the DeploymentConfig + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + storageClassName: + description: The storageClassName to use + type: string + useExternalRoute: + description: If enabled, Business Central will use the + external smartrouter route to communicate with it. Note + that, valid SSL certificates should be used. + type: boolean + type: object + type: object + upgrades: + description: Specify the level of product upgrade that should + be allowed when an older product version is detected + properties: + enabled: + description: Set true to enable automatic micro version product + upgrades, it is disabled by default. + type: boolean + minor: + description: Set true to enable automatic minor product version + upgrades, it is disabled by default. Requires spec.upgrades.enabled + to be true. + type: boolean + type: object + useImageTags: + description: Set true to enable image tags, disabled by default. + This will leverage image tags instead of the image digests. + type: boolean + version: + description: The version of the application deployment. + type: string + required: + - environment + type: object + conditions: + items: + description: Condition - The condition for the kie-cloud-operator + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ReasonType - type of reason + type: string + status: + type: string + type: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - status + - type + type: object + type: array + consoleHost: + type: string + deployments: + properties: + ready: + description: Deployments are ready to serve requests + items: + type: string + type: array + starting: + description: Deployments are starting, may or may not succeed + items: + type: string + type: array + stopped: + description: Deployments are not starting, unclear what next step + will be + items: + type: string + type: array + type: object + phase: + description: ConditionType - type of condition + type: string + version: + type: string + required: + - conditions + - deployments + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/olm-catalog/test/7.10.1-3/metadata/annotations.yaml b/deploy/olm-catalog/test/7.10.1-3/metadata/annotations.yaml new file mode 100644 index 000000000..724337620 --- /dev/null +++ b/deploy/olm-catalog/test/7.10.1-3/metadata/annotations.yaml @@ -0,0 +1,10 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: businessautomation-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v0.19.2 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go diff --git a/deploy/olm-catalog/test/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml b/deploy/olm-catalog/test/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml index 551abe780..965cfa705 100644 --- a/deploy/olm-catalog/test/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/test/7.11.0-1/manifests/businessautomation-operator.clusterserviceversion.yaml @@ -7,7 +7,7 @@ metadata: categories: Integration & Delivery certified: "true" containerImage: registry-proxy.engineering.redhat.com/rh-osbs/rhpam-7-rhpam-rhel8-operator:7.11.0 - createdAt: "2021-04-08 15:31:30" + createdAt: "2021-04-16 15:53:33" description: Deploys and manages Red Hat Process Automation Manager and Red Hat Decision Manager environments. operators.openshift.io/infrastructure-features: '["Disconnected"]' repository: https://github.com/kiegroup/kie-cloud-operator @@ -17,7 +17,7 @@ metadata: operator-businessautomation: "true" operatorframework.io/arch.amd64: supported operatorframework.io/os.linux: supported - name: businessautomation-operator.7.11.0-1-dev-q94dqpb99q + name: businessautomation-operator.7.11.0-1-dev-vm5rzcng6l namespace: placeholder spec: apiservicedefinitions: {} @@ -401,7 +401,7 @@ spec: - operator labels: alm-owner-businessautomation: businessautomation-operator - operated-by: businessautomation-operator.7.11.0-1-dev-q94dqpb99q + operated-by: businessautomation-operator.7.11.0-1-dev-vm5rzcng6l links: - name: Product Page url: https://access.redhat.com/products/red-hat-process-automation-manager @@ -413,9 +413,9 @@ spec: maturity: test provider: name: Red Hat - replaces: businessautomation-operator.7.10.1-2 + replaces: businessautomation-operator.7.10.1-3 selector: matchLabels: alm-owner-businessautomation: businessautomation-operator - operated-by: businessautomation-operator.7.11.0-1-dev-q94dqpb99q - version: 7.11.0-1+q94dqpb99q + operated-by: businessautomation-operator.7.11.0-1-dev-vm5rzcng6l + version: 7.11.0-1+vm5rzcng6l diff --git a/version/version.go b/version/version.go index 4c145199d..f8ea5259a 100644 --- a/version/version.go +++ b/version/version.go @@ -12,5 +12,5 @@ var ( // PriorVersion - prior version PriorVersion = constants.PriorVersion // CsvPriorVersion - prior csv release - CsvPriorVersion = PriorVersion + "-2" + CsvPriorVersion = PriorVersion + "-3" )