Rename OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE to CHE_SELF__SIGNED__CERT
Sergii Leshchenko
parent
097845b20c
commit
331a63cd06
|
|
@ -149,11 +149,11 @@ objects:
|
|||
value: "${CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB}"
|
||||
- name: ROUTING_SUFFIX
|
||||
value: "${ROUTING_SUFFIX}"
|
||||
- name: OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE
|
||||
- name: CHE_SELF__SIGNED__CERT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: ca.crt
|
||||
name: openshift-identity-provider
|
||||
name: self-signed-certificate
|
||||
optional: true
|
||||
- name: CHE_WORKSPACE_PLUGIN__REGISTRY__URL
|
||||
value: "${CHE_WORKSPACE_PLUGIN__REGISTRY__URL}"
|
||||
|
|
|
|||
|
|
@ -58,11 +58,11 @@ objects:
|
|||
value: "${ROUTING_SUFFIX}"
|
||||
- name: CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD
|
||||
value: "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}"
|
||||
- name: OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE
|
||||
- name: CHE_SELF__SIGNED__CERT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: ca.crt
|
||||
name: openshift-identity-provider
|
||||
name: self-signed-certificate
|
||||
optional: true
|
||||
image: '${IMAGE_KEYCLOAK}:${KEYCLOAK_IMAGE_TAG}'
|
||||
command: ["/scripts/kc_realm_user.sh"]
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
kind: Template
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: openshift-identity-provider-certificate
|
||||
name: self-signed-certificate
|
||||
annotations:
|
||||
description: Che
|
||||
objects:
|
||||
|
|
@ -21,12 +21,11 @@ objects:
|
|||
${CERTIFICATE}
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: openshift-identity-provider
|
||||
name: self-signed-certificate
|
||||
namespace: che
|
||||
type: Opaque
|
||||
parameters:
|
||||
- name: CERTIFICATE
|
||||
displayName: Openshift console certificate
|
||||
labels:
|
||||
app: keycloak
|
||||
template: openshift-identity-provider-certificate
|
||||
template: self-signed-certificate
|
||||
|
|
|
|||
|
|
@ -283,9 +283,9 @@ init() {
|
|||
|
||||
add_cert_to_truststore() {
|
||||
|
||||
if [ "${OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE}" != "" ]; then
|
||||
if [ "${CHE_SELF__SIGNED__CERT}" != "" ]; then
|
||||
echo "Found a custom cert. Adding it to java trust store..."
|
||||
echo "${OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE}" > /home/user/openshift.crt
|
||||
echo "${CHE_SELF__SIGNED__CERT}" > /home/user/openshift.crt
|
||||
echo yes | keytool -keystore /home/user/openshift.jks -importcert -alias HOSTDOMAIN -file /home/user/openshift.crt -storepass minishift
|
||||
export JAVA_OPTS="${JAVA_OPTS} -Djavax.net.ssl.trustStore=/home/user/openshift.jks -Djavax.net.ssl.trustStorePassword=minishift"
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -33,8 +33,8 @@ if [ $KEYCLOAK_USER ] && [ $KEYCLOAK_PASSWORD ]; then
|
|||
/opt/jboss/keycloak/bin/add-user-keycloak.sh --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD
|
||||
fi
|
||||
|
||||
if [ "${OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE}" != "" ]; then
|
||||
echo "${OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE}" > /scripts/openshift.cer
|
||||
if [ "${CHE_SELF__SIGNED__CERT}" != "" ]; then
|
||||
echo "${CHE_SELF__SIGNED__CERT}" > /scripts/openshift.cer
|
||||
keytool -importcert -alias HOSTDOMAIN -keystore /scripts/openshift.jks -file /scripts/openshift.cer -storepass openshift -noprompt
|
||||
keytool -importkeystore -srckeystore $JAVA_HOME/jre/lib/security/cacerts -destkeystore /scripts/openshift.jks -srcstorepass changeit -deststorepass openshift
|
||||
/opt/jboss/keycloak/bin/jboss-cli.sh --file=/scripts/cli/add_openshift_certificate.cli && rm -rf /opt/jboss/keycloak/standalone/configuration/standalone_xml_history
|
||||
|
|
|
|||
|
|
@ -127,11 +127,11 @@ spec:
|
|||
value: http
|
||||
- name: ROUTING_SUFFIX
|
||||
value: 172.19.20.234.nip.io
|
||||
- name: OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE
|
||||
- name: CHE_SELF__SIGNED__CERT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: ca.crt
|
||||
name: openshift-identity-provider
|
||||
name: self-signed-certificate
|
||||
optional: true
|
||||
- name: CHE_WORKSPACE_PLUGIN__REGISTRY__URL
|
||||
value: 'NULL'
|
||||
|
|
|
|||
Loading…
Reference in New Issue