Replace s2i based deployment approach with pure deployments (#8819)

* Experimenting with deployment config based approach to Che multi user on OCP

* Service pod

* Remove s2i

* Remove s2i

* EOF

* Cleanup

* Cleanup

* Cleanup

* Cleanup

* Make Keycloak util image configurable

* Update webdriver.sh

dockerfiles/init/modules/openshift/files/scripts/deploy_che.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
@@ -225,6 +225,7 @@ DEFAULT_CHE_IMAGE_REPO="docker.io/eclipse/che-server"
 DEFAULT_CHE_IMAGE_TAG="nightly"
 DEFAULT_CHE_KEYCLOAK_OSO_ENDPOINT="https://sso.openshift.io/auth/realms/fabric8/broker/openshift-v3/token"
 DEFAULT_KEYCLOAK_GITHUB_ENDPOINT="https://sso.openshift.io/auth/realms/fabric8/broker/github/token"
+DEFAULT_CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD="true"
 
 COMMAND=${COMMAND:-${DEFAULT_COMMAND}}
 WAIT_FOR_CHE=${WAIT_FOR_CHE:-"false"}
@@ -535,6 +536,10 @@ if [ "${WAIT_FOR_CHE}" == "true" ]; then
   wait_until_che_is_available
 fi
 
+if [ "${CHE_DEDICATED_KEYCLOAK}" == "true" ]; then
+"${COMMAND_DIR}"/multi-user/configure_keycloak.sh
+fi
+
 che_route=$(oc get route che -o jsonpath='{.spec.host}')
 echo
 echo "[CHE] Che deployment has been successufully bootstrapped"

dockerfiles/init/modules/openshift/files/scripts/multi-user/configure_keycloak.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+
+COMMAND_DIR=$(dirname "$0")
+CHE_HOST=$(oc get route che -o jsonpath='{.spec.host}')
+KC_HOST=$(oc get route keycloak -o jsonpath='{.spec.host}')
+CHE_SERVER_ROUTE_TLS=$(oc get route che -o jsonpath='{.spec.tls}' || echo "")
+
+if [ "${CHE_SERVER_ROUTE_TLS}" != "" ]; then
+    HTTP_PROTOCOL="https"
+else
+    HTTP_PROTOCOL="http"
+fi
+
+CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD=${DEFAULT_CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD:-${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}}
+
+IMAGE_KEYCLOAK_UTIL=${IMAGE_KEYCLOAK_UTIL:-"eclipse/che-keycloak-util:nightly"}
+
+echo "[CHE] Configuring Keycloak realm, client and user..."
+
+cat "${COMMAND_DIR}"/keycloak/config/keycloak-config-pod-deployment.yaml | sed "s/\${CHE_HOST}/${CHE_HOST}/" | \
+                                                           sed "s/\${KC_HOST}/${KC_HOST}/" | \
+                                                           sed "s/\${HTTP_PROTOCOL}/${HTTP_PROTOCOL}/" | \
+                                                           sed "s#\${IMAGE_KEYCLOAK_UTIL}#${IMAGE_KEYCLOAK_UTIL}#" | \
+                                                           sed "s/\${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}/${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}/" | \
+                                                           oc apply -f -
+
+echo "[CHE] Keycloak configuration initiated. It takes ~10 seconds to complete"
+KC_UTIL_POD=$(oc get pods -l="app=keycloak-util" -o jsonpath='{.items[].metadata.name}')
+sleep 5
+DEPLOYMENT_TIMEOUT_SEC=1200
+POLLING_INTERVAL_SEC=5
+end=$((SECONDS+DEPLOYMENT_TIMEOUT_SEC))
+available=$(oc get pods keycloak-util -o json | jq '.status.containerStatuses[].state | to_entries[].key')
+while [[ "${available}" != "\"terminated\"" ]] && [ ${SECONDS} -lt ${end} ]; do
+    timeout_in=$((end-SECONDS))
+    echo "[CHE] Watching Keycloak config pod status. Current status=${available}, Timeout in ${timeout_in}s)"
+    sleep ${POLLING_INTERVAL_SEC}
+    available=$(oc get pods keycloak-util -o json | jq '.status.containerStatuses[].state | to_entries[].key')
+done
+oc logs -f "${KC_UTIL_POD}"
+oc delete pod "${KC_UTIL_POD}"
+echo "[CHE] Keycloak configuration completed"

dockerfiles/init/modules/openshift/files/scripts/multi-user/deploy_postgres_and_keycloak.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
@@ -37,64 +37,15 @@ if [ "${CHE_SERVER_URL}" == "" ]; then
     CHE_SERVER_URL="https://${CHE_SERVER_ROUTE_HOST}"
   fi
 fi
-DEFAULT_CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD=true
-
-# apply KC build config
-oc apply -f - <<-EOF
-
-apiVersion: v1
-kind: BuildConfig
-metadata:
-  name: keycloak-for-che
-spec:
-  nodeSelector: null
-  output:
-    to:
-      kind: ImageStreamTag
-      name: 'keycloak:latest'
-  postCommit: {}
-  resources: {}
-  runPolicy: Serial
-  source:
-    images:
-      - from:
-          kind: ImageStreamTag
-          name: 'che-init:latest'
-        paths:
-          - destinationDir: ./themes/
-            sourcePath: /etc/puppet/modules/keycloak/files/che/
-          - destinationDir: ./realms/
-            sourcePath: /etc/puppet/modules/keycloak/templates/.
-          - destinationDir: .s2i/bin/
-            sourcePath: /files/s2i/keycloak/assemble
-          - destinationDir: .s2i/bin/
-            sourcePath: /files/s2i/keycloak/run
-    type: Image
-  strategy:
-    sourceStrategy:
-      env:
-          - name: "CHE_SERVER_URL"
-            value: "${CHE_SERVER_URL}"
-          - name: "CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD"
-            value: "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD:-${DEFAULT_CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}}"
-      from:
-        kind: ImageStreamTag
-        name: 'keycloak-source:latest'
-    type: Source
-  triggers:
-  - type: "ImageChange"
-    imageChange: {}
-  - type: "ImageChange"
-    imageChange:
-      from:
-        kind: "ImageStreamTag"
-        name: "che-init:latest"
-status:
-
-EOF
 
 # apply all yaml files from "$COMMAND_DIR"/keycloak/
-oc apply -f "$COMMAND_DIR"/keycloak/
+
+IMAGE_KEYCLOAK=${IMAGE_KEYCLOAK:-"eclipse/che-keycloak:nightly"}
+
+for i in $(ls -Iconfig "$COMMAND_DIR"/keycloak ); do
+    cat "${COMMAND_DIR}"/keycloak/"${i}" | sed "s#\${IMAGE_KEYCLOAK}#${IMAGE_KEYCLOAK}#" | oc apply -f -
+done
+
 
 if [ "${CHE_EPHEMERAL}" == "true" ]; then
   oc volume dc/keycloak --remove --confirm
@@ -113,23 +64,4 @@ if [ "${CHE_SERVER_ROUTE_TLS}" != "" ]; then
   oc replace -f -
 fi
 
-IMAGE_KEYCLOACK=${IMAGE_KEYCLOACK:-"jboss/keycloak-openshift:3.3.0.CR2-3"}
-
-oc apply -f - <<-EOF
-
-apiVersion: v1
-kind: ImageStream
-metadata:
-  name: keycloak-source
-spec:
-  tags:
-  - from:
-      kind: DockerImage
-      name: ${IMAGE_KEYCLOACK}
-    name: latest
-    importPolicy:
-      scheduled: true
-
-EOF
-
 "$COMMAND_DIR"/wait_until_keycloak_is_available.sh

dockerfiles/init/modules/openshift/files/scripts/multi-user/deploy_postgres_only.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
@@ -9,67 +9,15 @@
 COMMAND_DIR=$(dirname "$0")
 export CHE_EPHEMERAL=${CHE_EPHEMERAL:-false}
 
-oc apply -f "$COMMAND_DIR"/che-init-image-stream.yaml
+IMAGE_POSTGRES=${IMAGE_POSTGRES:-"eclipse/che-postgres:nightly"}
 
-oc apply -f "$COMMAND_DIR"/postgres/
+for i in $(ls "$COMMAND_DIR"/postgres ); do
+    cat "${COMMAND_DIR}"/postgres/"${i}" | sed "s#\${IMAGE_POSTGRES}#${IMAGE_POSTGRES}#" | oc apply -f -
+done
 
 if [ "${CHE_EPHEMERAL}" == "true" ]; then
   oc volume dc/postgres --remove --confirm
   oc delete pvc/postgres-data
 fi
 
-IMAGE_INIT=${IMAGE_INIT:-"eclipse/che-init:nightly"}
-
-oc apply -f - <<-EOF
-
-apiVersion: v1
-kind: BuildConfig
-metadata:
-  name: che-init-image-stream-build
-spec:
-  nodeSelector: null
-  output:
-    to:
-      kind: ImageStreamTag
-      name: 'che-init:latest'
-  runPolicy: Serial
-  source:
-    dockerfile: |
-      FROM ${IMAGE_INIT}
-    type: Dockerfile
-  strategy:
-    dockerStrategy:
-      forcePull: true
-      from:
-        kind: DockerImage
-        name: '${IMAGE_INIT}'
-    type: Docker
-  triggers:
-    - type: ImageChange
-      imageChange: {}
-status:
-
-EOF
-
-IMAGE_POSTGRES=${IMAGE_POSTGRES:-centos/postgresql-96-centos7}
-
-oc apply -f - <<-EOF
-
-apiVersion: v1
-kind: ImageStream
-metadata:
-  name: postgres-source
-spec:
-  tags:
-  - from:
-      kind: DockerImage
-      name: ${IMAGE_POSTGRES}
-    name: latest
-    importPolicy:
-      scheduled: true
-
-EOF
-
-oc start-build che-init-image-stream-build
-
 "$COMMAND_DIR"/wait_until_postgres_is_available.sh

dockerfiles/init/modules/openshift/files/scripts/multi-user/keycloak/config/keycloak-config-pod-deployment.yaml

@@ -0,0 +1,28 @@
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    app: keycloak-util
+  name: keycloak-util
+spec:
+    containers:
+    - env:
+      - name: CHE_HOST
+        value: "${CHE_HOST}"
+      - name: HTTP_PROTOCOL
+        value: "${HTTP_PROTOCOL}"
+      - name: KC_HOST
+        value: "${KC_HOST}"
+      - name: CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD
+        value: "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}"
+      image: "${IMAGE_KEYCLOAK_UTIL}"
+      name: keycloak-util
+      imagePullPolicy: Always
+    restartPolicy: Never

dockerfiles/init/modules/openshift/files/scripts/multi-user/keycloak/deployment-config.yaml

@@ -36,7 +36,12 @@ spec:
           value: keycloak
         - name: POSTGRES_PASSWORD
           value: keycloak
-        image: ' '
+        - name: KEYCLOAK_USER
+          value: admin
+        - name: KEYCLOAK_PASSWORD
+          value: admin
+        image: '${IMAGE_KEYCLOAK}'
+        imagePullPolicy: Always
         name: keycloak
         livenessProbe:
           failureThreshold: 11
@@ -77,14 +82,4 @@ spec:
         persistentVolumeClaim:
           claimName: keycloak-log
   test: false
-  triggers:
-  - type: ConfigChange
-  - imageChangeParams:
-      automatic: true
-      containerNames:
-      - keycloak
-      from:
-        kind: ImageStreamTag
-        name: keycloak:latest
-    type: ImageChange
 status: {}

dockerfiles/init/modules/openshift/files/scripts/multi-user/postgres/build-config.yaml

@@ -1,41 +0,0 @@
-apiVersion: v1
-kind: BuildConfig
-metadata:
-  name: postgres-for-che
-spec:
-  nodeSelector: null
-  output:
-    to:
-      kind: ImageStreamTag
-      name: 'postgres:latest'
-  postCommit: {}
-  resources: {}
-  runPolicy: Serial
-  source:
-    images:
-      - from:
-          kind: ImageStreamTag
-          name: 'che-init:latest'
-        paths:
-          - destinationDir: ./
-            sourcePath: /etc/puppet/modules/postgres/templates/init-che-user.sh.erb
-          - destinationDir: .s2i/bin/
-            sourcePath: /files/s2i/postgres/assemble
-          - destinationDir: .s2i/bin/
-            sourcePath: /files/s2i/postgres/run
-    type: Image
-  strategy:
-    sourceStrategy:
-      from:
-        kind: ImageStreamTag
-        name: 'postgres-source:latest'
-    type: Source
-  triggers:
-  - type: "ImageChange" 
-    imageChange: {}
-  - type: "ImageChange" 
-    imageChange:
-      from:
-        kind: "ImageStreamTag"
-        name: "che-init:latest"
-status:

dockerfiles/init/modules/openshift/files/scripts/multi-user/postgres/deployment-config.yaml

@@ -32,7 +32,8 @@ spec:
           value: "pgchepassword"
         - name: "CHE_POSTGRES_DATABASE"
           value: "dbche"
-        image: ' '
+        image: '${IMAGE_POSTGRES}'
+        imagePullPolicy: Always
         name: postgres
         livenessProbe:
           failureThreshold: 3
@@ -68,14 +69,4 @@ spec:
         persistentVolumeClaim:
           claimName: postgres-data
   test: false
-  triggers:
-  - type: ConfigChange
-  - imageChangeParams:
-      automatic: true
-      containerNames:
-      - postgres
-      from:
-        kind: ImageStreamTag
-        name: postgres:latest
-    type: ImageChange
 status: {}

dockerfiles/init/modules/openshift/files/scripts/multi-user/postgres/image-stream.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: ImageStream
-metadata:
-  name: postgres
-spec:
-  lookupPolicy:
-    local: false
-  tags:
-    - name: latest

dockerfiles/init/modules/openshift/files/scripts/multi-user/wait_until_keycloak_is_available.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
@@ -13,7 +13,7 @@ echo "[CHE] This script is going to wait until Keycloak is deployed and availabl
 command -v oc >/dev/null 2>&1 || { echo >&2 "[CHE] [ERROR] Command line tool oc (https://docs.openshift.org/latest/cli_reference/get_started_cli.html) is required but it's not installed. Aborting."; exit 1; }
 command -v jq >/dev/null 2>&1 || { echo >&2 "[CHE] [ERROR] Command line tool jq (https://stedolan.github.io/jq) is required but it's not installed. Aborting."; exit 1; }
 
-echo "[CHE] wait Keycloak pod booting..."
+echo "[CHE] Wait for Keycloak pod booting..."
 available=$(oc get dc keycloak -o json | jq ".status.conditions[] | select(.type == \"Available\") | .status")
 progressing=$(oc get dc keycloak -o json | jq ".status.conditions[] | select(.type == \"Progressing\") | .status")
 

dockerfiles/init/modules/openshift/files/scripts/multi-user/wait_until_postgres_is_available.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
@@ -9,6 +9,7 @@
 set -e
 
 echo "[CHE] This script is going to wait until Postgres is deployed and available"
+echo "[CHE] It can take a couple of minutes depending on network and image availability"
 
 command -v oc >/dev/null 2>&1 || { echo >&2 "[CHE] [ERROR] Command line tool oc (https://docs.openshift.org/latest/cli_reference/get_started_cli.html) is required but it's not installed. Aborting."; exit 1; }
 command -v jq >/dev/null 2>&1 || { echo >&2 "[CHE] [ERROR] Command line tool jq (https://stedolan.github.io/jq) is required but it's not installed. Aborting."; exit 1; }

dockerfiles/keycloak-util/Dockerfile

@@ -1,16 +1,13 @@
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
 # http://www.eclipse.org/legal/epl-v10.html
 #
 
-apiVersion: v1
-kind: ImageStream
-metadata:
-  name: keycloak
-spec:
-  lookupPolicy:
-    local: false
-  tags:
-    - name: latest
+FROM jboss/keycloak-openshift:3.3.0.CR2-3
+ADD . /scripts/
+USER root
+RUN chgrp -R 0 /scripts && \
+    chmod -R g+rwX /scripts
+ENTRYPOINT ["/scripts/keycloak_config.sh"]

dockerfiles/keycloak-util/build.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+
+base_dir=$(cd "$(dirname "$0")"; pwd)
+. "${base_dir}"/../build.include
+
+# copy user and realm json templates
+cp -r ../init/modules/keycloak/templates/* .
+
+init --name:keycloak-util "$@"
+build
+
+# remove jsons
+rm *.erb

dockerfiles/keycloak-util/keycloak_config.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+
+echo "Configuring Keycloak..."
+
+cat /scripts/che-users-0.json.erb | \
+				    sed -e "/<% if scope.lookupvar('keycloak::che_keycloak_admin_require_update_password') == 'true' -%>/d" | \
+				    sed -e "/<% else -%>/d" | \
+				    sed -e "/<% end -%>/d" | \
+				    sed -e "/\"requiredActions\" : \[ \],/d" | \
+				    jq .users[] > /scripts/che-user.json
+
+if [ "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}" == "false" ]; then
+   sed -i -e "s#\"UPDATE_PASSWORD\"##" /scripts/che-user.json
+fi
+
+cat /scripts/che-realm.json.erb | sed -e "s@<%= scope\.lookupvar('che::che_server_url') %>@${HTTP_PROTOCOL}://${CHE_HOST}@" > /scripts/realm.json
+
+echo "Creating Che realm and che-public client..."
+
+cd /opt/jboss/keycloak/bin
+
+./kcadm.sh create realms -f /scripts/realm.json --no-config --server ${HTTP_PROTOCOL}://${KC_HOST}/auth --realm master --user admin --password admin
+
+echo "Creating default Che user with the following credentials 'admin:admin'"
+
+./kcadm.sh create users -r che -f /scripts/che-user.json --no-config --server ${HTTP_PROTOCOL}://${KC_HOST}/auth --realm master --user admin --password admin
+
+echo "Done!"

dockerfiles/keycloak/Dockerfile

@@ -1,14 +1,9 @@
-# Copyright (c) 2012-2017 Red Hat, Inc
+# Copyright (c) 2018 Red Hat, Inc.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of the Eclipse Public License v1.0
 # which accompanies this distribution, and is available at
 # http://www.eclipse.org/legal/epl-v10.html
 #
 
-apiVersion: v1
-kind: ImageStream
-metadata:
-  name: che-init
-spec:
-  tags:
-  - name: latest
+FROM jboss/keycloak-openshift:3.3.0.CR2-3
+ADD che /opt/jboss/keycloak/themes/che

dockerfiles/keycloak/build.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+
+base_dir=$(cd "$(dirname "$0")"; pwd)
+. "${base_dir}"/../build.include
+
+# copy user and realm json templates
+cp -r ../init/modules/keycloak/files/che .
+
+init --name:keycloak "$@"
+build
+
+# remove files
+rm -rf che

dockerfiles/postgres/Dockerfile

@@ -0,0 +1,15 @@
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+
+FROM centos/postgresql-96-centos7
+ADD init-che-user-and-run.sh.erb init-che-user.sh.erb /var/lib/pgsql/
+RUN cat /var/lib/pgsql/init-che-user.sh.erb | \
+    sed -e "/exit 0/d" > /var/lib/pgsql/init-che-user-and-run.sh && \
+    echo "exec run-postgresql \"\$@\"" >> /var/lib/pgsql/init-che-user-and-run.sh
+USER root
+RUN chmod +x /var/lib/pgsql/init-che-user-and-run.sh
+USER postgres
+CMD ["/var/lib/pgsql/init-che-user-and-run.sh"]

dockerfiles/postgres/build.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+# Copyright (c) 2018 Red Hat, Inc.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+
+base_dir=$(cd "$(dirname "$0")"; pwd)
+. "${base_dir}"/../build.include
+
+# copy user and realm json templates
+cp -r ../init/modules/postgres/templates/* .
+
+init --name:postgres "$@"
+build
+
+# remove jsons
+rm *.erb