forked from apache/incubator-kie-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #26 from fantonangeli/kie-issues#1061-Create-Sonat…
…aflow-management-console-image-2 kie-issues#1061: Create Sonataflow management console image
- Loading branch information
Showing
24 changed files
with
642 additions
and
261 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
51 changes: 51 additions & 0 deletions
51
packages/sonataflow-management-console-image/Containerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| # Licensed to the Apache Software Foundation (ASF) under one | ||
| # or more contributor license agreements. See the NOTICE file | ||
| # distributed with this work for additional information | ||
| # regarding copyright ownership. The ASF licenses this file | ||
| # to you under the Apache License, Version 2.0 (the | ||
| # "License"); you may not use this file except in compliance | ||
| # with the License. You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, | ||
| # software distributed under the License is distributed on an | ||
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| # KIND, either express or implied. See the License for the | ||
| # specific language governing permissions and limitations | ||
| # under the License. | ||
|
|
||
| FROM --platform=linux/amd64 registry.access.redhat.com/ubi9/ubi-minimal:9.4 | ||
|
|
||
| ARG KOGITO_MANAGEMENT_CONSOLE_PORT=8080 | ||
|
|
||
| ENV SONATAFLOW_MANAGEMENT_CONSOLE_KOGITO_ENV_MODE="PROD" | ||
|
|
||
| COPY entrypoint.sh dist-dev/image-env-to-json-standalone dist-dev/EnvJson.schema.json /tmp/ | ||
|
|
||
| RUN microdnf --disableplugin=subscription-manager -y install httpd \ | ||
| && microdnf --disableplugin=subscription-manager clean all \ | ||
| && echo "Mutex posixsem" >> /etc/httpd/conf/httpd.conf \ | ||
| && sed -i -e "/#ServerName www.example.com:80/aHeader set Content-Security-Policy \"frame-ancestors 'self';\"" /etc/httpd/conf/httpd.conf \ | ||
| && sed -i -e 's/Options Indexes FollowSymLinks/Options -Indexes +FollowSymLinks/' /etc/httpd/conf/httpd.conf \ | ||
| && sed -i "s/Listen 80/Listen ${KOGITO_MANAGEMENT_CONSOLE_PORT}/g" /etc/httpd/conf/httpd.conf \ | ||
| && sed -i "s/#ServerName www.example.com:80/ServerName 127.0.0.1:${KOGITO_MANAGEMENT_CONSOLE_PORT}/g" /etc/httpd/conf/httpd.conf \ | ||
| && sed -i '$ a ServerTokens Prod' /etc/httpd/conf/httpd.conf \ | ||
| && sed -i '$ a ServerSignature Off' /etc/httpd/conf/httpd.conf \ | ||
| && sed -i -e '/<Directory "\/var\/www\/html">/a RewriteEngine on\n RewriteCond %{REQUEST_FILENAME} -f [OR]\n RewriteCond %{REQUEST_FILENAME} -d\n RewriteRule ^ - [L]\n RewriteRule ^ index.html [L]' /etc/httpd/conf/httpd.conf \ | ||
| && chmod -R g=u /etc/httpd/conf \ | ||
| && mkdir /management-console \ | ||
| && mv -t /management-console /tmp/entrypoint.sh /tmp/image-env-to-json-standalone /tmp/EnvJson.schema.json \ | ||
| && chgrp -R 0 /var/log/httpd /var/run/httpd /var/www/html /management-console \ | ||
| && chmod -R g=u /var/log/httpd /var/run/httpd /var/www/html /management-console \ | ||
| && chmod +x /management-console/entrypoint.sh /management-console/image-env-to-json-standalone | ||
|
|
||
| COPY dist-dev/sonataflow-management-console-webapp /management-console/app | ||
|
|
||
| RUN if [ -f /management-console/app/env.json ]; then chmod a+w /management-console/app/env.json; fi | ||
|
|
||
| EXPOSE ${KOGITO_MANAGEMENT_CONSOLE_PORT} | ||
|
|
||
| USER 1000 | ||
|
|
||
| ENTRYPOINT [ "/management-console/entrypoint.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one | ||
| or more contributor license agreements. See the NOTICE file | ||
| distributed with this work for additional information | ||
| regarding copyright ownership. The ASF licenses this file | ||
| to you under the Apache License, Version 2.0 (the | ||
| "License"); you may not use this file except in compliance | ||
| with the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, | ||
| software distributed under the License is distributed on an | ||
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| KIND, either express or implied. See the License for the | ||
| specific language governing permissions and limitations | ||
| under the License. | ||
| --> | ||
|
|
||
| # SonataFlow Management Console Image | ||
|
|
||
| This package contains the `Containerfile/Dockerfile` and scripts to build a container image for SonataFlow Management Console. It also generated a JSON Schema for the `env.json` file, enabling it to be validated. | ||
|
|
||
| ## Additional requirements | ||
|
|
||
| - docker | ||
|
|
||
| ## Build | ||
|
|
||
| - Enable the image to be built: | ||
|
|
||
| ```bash | ||
| export KIE_TOOLS_BUILD__buildContainerImages=true | ||
| ``` | ||
|
|
||
| - (Optional) The image name and tags can be customized by setting the following environment variables: | ||
|
|
||
| ```bash | ||
| export KOGITO_MANAGEMENT_CONSOLE__registry=<registry> | ||
| export KOGITO_MANAGEMENT_CONSOLE__account=<account> | ||
| export KOGITO_MANAGEMENT_CONSOLE__name=<image-name> | ||
| export KOGITO_MANAGEMENT_CONSOLE__buildTag=<image-tags> | ||
| ``` | ||
|
|
||
| > Default values can be found [here](./env/index.js). | ||
| - After optionally setting up the environment variables, run the following in the root folder of the repository to build the package: | ||
|
|
||
| ```bash | ||
| pnpm -F @kie-tools/sonataflow-management-console-image... build:prod | ||
| ``` | ||
|
|
||
| - Then check if the image is correctly stored: | ||
|
|
||
| ```bash | ||
| docker images | ||
| ``` | ||
|
|
||
| ## Run | ||
|
|
||
| - Start up a clean container with: | ||
|
|
||
| ```bash | ||
| docker run -t -p 8080:8080 -i --rm docker.io/apache/incubator-kie-sonataflow-management-console:main | ||
| ``` | ||
|
|
||
| Management Console will be up at http://localhost:8080 | ||
|
|
||
| ## Customization | ||
|
|
||
| 1. Run a container with custom environment variables: | ||
|
|
||
| [comment]: <> (//TODO: Use EnvJson.schema.json to generate this documentation somehow.. See https://github.com/kiegroup/kie-issues/issues/16) | ||
|
|
||
| | Name | Description | Default | | ||
| | :-------------------------------------------------: | :-----------------------------------------------------------: | :----------------------------------------------------------------------------------------: | | ||
| | `SONATAFLOW_MANAGEMENT_CONSOLE_KOGITO_ENV_MODE` | Env Mode: "PROD" or "DEV". PROD enables Keycloak integration. | "PROD" | | ||
| | `SONATAFLOW_MANAGEMENT_CONSOLE_KOGITO_APP_NAME` | Management Console app name. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `SONATAFLOW_MANAGEMENT_CONSOLE_KOGITO_APP_VERSION` | Management Console app version. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `SONATAFLOW_MANAGEMENT_CONSOLE_DATA_INDEX_ENDPOINT` | The URL that points to the Data Index service. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_DISABLE_HEALTH_CHECK` | Disables Keycloak health-check. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_UPDATE_TOKEN_VALIDITY` | Update token validity in minutes. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_HEALTH_CHECK_URL` | Keycloak health-check URL. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_REALM` | Keycloak realm name. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_URL` | Keycloak auth URL. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
| | `KOGITO_CONSOLES_KEYCLOAK_CLIENT_ID` | Keycloak Client ID. | See [ defaultEnvJson.ts ](../sonataflow-management-console-webapp/build/defaultEnvJson.ts) | | ||
|
|
||
| ### Examples | ||
|
|
||
| 1. Using a different Data Index Service. | ||
|
|
||
| ```bash | ||
| docker run -t -p 8080:8080 -e SONATAFLOW_MANAGEMENT_CONSOLE_DATA_INDEX_ENDPOINT=<my_value> -i --rm docker.io/apache/incubator-kie-sonataflow-management-console:main | ||
| ``` | ||
|
|
||
| _NOTE: Replace `docker` with `podman` if necessary._ | ||
|
|
||
| 2. Write a custom `Containerfile/Dockerfile` from the image: | ||
|
|
||
| ```docker | ||
| FROM docker.io/apache/incubator-kie-sonataflow-management-console:main | ||
| ENV SONATAFLOW_MANAGEMENT_CONSOLE_DATA_INDEX_ENDPOINT=<my_value> | ||
| ``` | ||
|
|
||
| 3. Create the application from the image in OpenShift and set the deployment environment variable right from the OpenShift UI. | ||
|
|
||
| ## Custom Port | ||
|
|
||
| The port used internally on the container can be changed: | ||
|
|
||
| When building, set the `SONATAFLOW_MANAGEMENT_CONSOLE__port` environment variable to any port you want, and the Containerfile will be built using that port. | ||
|
|
||
| --- | ||
|
|
||
| Apache KIE (incubating) is an effort undergoing incubation at The Apache Software | ||
| Foundation (ASF), sponsored by the name of Apache Incubator. Incubation is | ||
| required of all newly accepted projects until a further review indicates that | ||
| the infrastructure, communications, and decision making process have stabilized | ||
| in a manner consistent with other successful ASF projects. While incubation | ||
| status is not necessarily a reflection of the completeness or stability of the | ||
| code, it does indicate that the project has yet to be fully endorsed by the ASF. | ||
|
|
||
| Some of the incubating project’s releases may not be fully compliant with ASF | ||
| policy. For example, releases may have incomplete or un-reviewed licensing | ||
| conditions. What follows is a list of known issues the project is currently | ||
| aware of (note that this list, by definition, is likely to be incomplete): | ||
|
|
||
| - Hibernate, an LGPL project, is being used. Hibernate is in the process of relicensing to ASL v2 | ||
| - Some files, particularly test files, and those not supporting comments, may be missing the ASF Licensing Header | ||
| - | ||
|
|
||
| - Hibernate, an LGPL project, is being used. Hibernate is in the process of | ||
| relicensing to ASL v2 | ||
| - Some files, particularly test files, and those not supporting comments, may | ||
| be missing the ASF Licensing Header | ||
|
|
||
| If you are planning to incorporate this work into your product/project, please | ||
| be aware that you will need to conduct a thorough licensing review to determine | ||
| the overall implications of including this work. For the current status of this | ||
| project through the Apache Incubator visit: | ||
| https://incubator.apache.org/projects/kie.html |
27 changes: 27 additions & 0 deletions
27
packages/sonataflow-management-console-image/entrypoint.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| #!/bin/bash | ||
| # | ||
| # Licensed to the Apache Software Foundation (ASF) under one | ||
| # or more contributor license agreements. See the NOTICE file | ||
| # distributed with this work for additional information | ||
| # regarding copyright ownership. The ASF licenses this file | ||
| # to you under the Apache License, Version 2.0 (the | ||
| # "License"); you may not use this file except in compliance | ||
| # with the License. You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, | ||
| # software distributed under the License is distributed on an | ||
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| # KIND, either express or implied. See the License for the | ||
| # specific language governing permissions and limitations | ||
| # under the License. | ||
| # | ||
|
|
||
| # Copying the Task Console assets here is essential for when the container is running with the readOnlyRootFilesystem flag. | ||
| # But, just like any other directory modified during runtime, the /var/www/html must be a mounted volume in the container in this case. | ||
| cp -R /management-console/app/* /var/www/html | ||
|
|
||
| /management-console/image-env-to-json-standalone --directory /var/www/html --json-schema /management-console/EnvJson.schema.json | ||
|
|
||
| httpd -D FOREGROUND |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
|
|
||
| const { varsWithName, composeEnv, getOrDefault } = require("@kie-tools-scripts/build-env"); | ||
|
|
||
| const rootEnv = require("@kie-tools/root-env/env"); | ||
|
|
||
| module.exports = composeEnv([rootEnv], { | ||
| vars: varsWithName({ | ||
| SONATAFLOW_MANAGEMENT_CONSOLE__registry: { | ||
| default: "docker.io", | ||
| description: "E.g., `docker.io` or `quay.io`.", | ||
| }, | ||
| SONATAFLOW_MANAGEMENT_CONSOLE__account: { | ||
| default: "apache", | ||
| description: "E.g,. `apache` or `kie-tools-bot`", | ||
| }, | ||
| SONATAFLOW_MANAGEMENT_CONSOLE__name: { | ||
| default: "incubator-kie-sonataflow-management-console", | ||
| description: "Name of the image itself.", | ||
| }, | ||
| SONATAFLOW_MANAGEMENT_CONSOLE__buildTag: { | ||
| default: rootEnv.env.root.streamName, | ||
| description: "Tag version of this image. E.g., `main` or `10.0.x` or `10.0.0", | ||
| }, | ||
| SONATAFLOW_MANAGEMENT_CONSOLE__port: { | ||
| default: 8080, | ||
| description: "The internal container port.", | ||
| }, | ||
| }), | ||
| get env() { | ||
| return { | ||
| sonataflowManagementConsoleImage: { | ||
| registry: getOrDefault(this.vars.SONATAFLOW_MANAGEMENT_CONSOLE__registry), | ||
| account: getOrDefault(this.vars.SONATAFLOW_MANAGEMENT_CONSOLE__account), | ||
| name: getOrDefault(this.vars.SONATAFLOW_MANAGEMENT_CONSOLE__name), | ||
| buildTag: getOrDefault(this.vars.SONATAFLOW_MANAGEMENT_CONSOLE__buildTag), | ||
| port: getOrDefault(this.vars.SONATAFLOW_MANAGEMENT_CONSOLE__port), | ||
| version: require("../package.json").version, | ||
| }, | ||
| }; | ||
| }, | ||
| }); |
Oops, something went wrong.