From d7b49f54487ca7885f31f9da9cd103f3f9617f4b Mon Sep 17 00:00:00 2001
From: Maxim Thomas <maxim.thomas@gmail.com>
Date: Tue, 29 Jan 2019 15:13:11 +0000
Subject: [PATCH] OpenDJ Openshift Template
---
opendj-packages/opendj-docker/pom.xml | 20 +-
opendj-packages/opendj-docker/run.sh | 64 +++++++
opendj-packages/opendj-docker/README.md | 25 ++
opendj-packages/opendj-docker/bootstrap/setup.sh | 27 +++
.travis.yml | 3
opendj-packages/opendj-openshift-template/opendj-template.yaml | 191 +++++++++++++++++++++
opendj-packages/opendj-openshift-template/README.md | 12 +
opendj-packages/opendj-docker/bootstrap/replicate.sh | 140 +++++++++++++++
opendj-packages/opendj-docker/Dockerfile | 49 +++--
9 files changed, 497 insertions(+), 34 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 285f3b7..d958daf 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -36,6 +36,7 @@
- "opendj-packages/opendj-rpm/opendj-rpm-standard/target/rpm/opendj/RPMS/noarch/*.rpm"
- "opendj-packages/opendj-msi/opendj-msi-standard/target/*.msi"
- "opendj-packages/opendj-docker/target/Dockerfile"
+ - "opendj-packages/opendj-openshift-template/*.yaml"
- "opendj-doc-generated-ref/target/*.zip"
- "opendj-dsml-servlet/target/*.war"
- "opendj-rest2ldap-servlet/target/*.war"
@@ -94,4 +95,4 @@
- mvn -q -B -V -DskipTests -Dmaven.javadoc.skip=true install -f forgerock-parent
script:
- echo "mvn -B install $INSTALL_SUFFIX"
- - eval "mvn -B install $INSTALL_SUFFIX"
\ No newline at end of file
+ - eval "mvn -B install $INSTALL_SUFFIX"
diff --git a/opendj-packages/opendj-docker/Dockerfile b/opendj-packages/opendj-docker/Dockerfile
index afd8a99..878b909 100644
--- a/opendj-packages/opendj-docker/Dockerfile
+++ b/opendj-packages/opendj-docker/Dockerfile
@@ -2,42 +2,51 @@
MAINTAINER Open Identity Platform Community <open-identity-platform-opendj@googlegroups.com>
-ARG ADD_BASE_ENTRY="--addBaseEntry"
+ENV ADD_BASE_ENTRY="--addBaseEntry"
-ARG PORT=1389
+ENV PORT=1389
-ARG LDAPS_PORT=1636
+ENV LDAPS_PORT=1636
-ARG BASE_DN="dc=example,dc=com"
+ENV BASE_DN=${BASE_DN:-"dc=example,dc=com"}
-ARG ROOT_USER_DN="cn=Directory Manager"
+ENV ROOT_USER_DN=${ROOT_USER_DN:-"cn=Directory Manager"}
-ARG ROOT_PASSWORD=password
+ENV ROOT_PASSWORD=${ROOT_PASSWORD:-"password"}
-ARG VERSION=@project_version@
+ENV SECRET_VOLUME=${SECRET_VOLUME}
-ARG OPENDJ_USER="opendj"
+ENV MASTER_SERVER=${MASTER_SERVER}
+
+ENV OPENDJ_REPLICATION_TYPE=${OPENDJ_REPLICATION_TYPE}
+
+ENV VERSION=@project_version@
+
+#ENV VERSION=4.3.1
+
+ENV OPENDJ_USER="opendj"
WORKDIR /opt
-RUN apt-get install -y wget unzip
-
-RUN wget --quiet \
+RUN wget --show-progress --progress=bar:force:noscroll --quiet \
https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip && \
unzip opendj-$VERSION.zip && \
rm -r opendj-$VERSION.zip
-RUN useradd -m -r -u 1001 -g root $OPENDJ_USER
+RUN echo "/opt/opendj/data" > /opt/opendj/instance.loc && \
+ mkdir -p /opt/opendj/data/lib/extensions
+
+ADD bootstrap/ /opt/opendj/bootstrap/
+
+ADD run.sh /opt/opendj/run.sh
+
+RUN useradd -m -r -u 1001 -G root,sudo $OPENDJ_USER
RUN chgrp -R 0 /opt/opendj && \
- chmod -R g=u /opt/opendj
-
-USER $OPENDJ_USER
-
-RUN /opt/opendj/setup --cli -p $PORT --ldapsPort $LDAPS_PORT --enableStartTLS \
- --generateSelfSignedCertificate --baseDN "$BASE_DN" -h localhost --rootUserDN "$ROOT_USER_DN" \
- --rootUserPassword "$ROOT_PASSWORD" --acceptLicense --no-prompt --doNotStart $ADD_BASE_ENTRY
+ chmod -R g=u /opt/opendj
EXPOSE $PORT $LDAPS_PORT 4444
-CMD ["/opt/opendj/bin/start-ds", "--nodetach"
+USER $OPENDJ_USER
+
+ENTRYPOINT ["/opt/opendj/run.sh"]
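Review bot: The new `RUN useradd -m -r -u 1001 -G root,sudo $OPENDJ_USER` puts the account the directory server runs as into the `sudo` group, which nothing in this patch needs and which widens what a compromised server process could do. Keeping the previous form, `RUN useradd -m -r -u 1001 -g root $OPENDJ_USER`, also preserves GID 0 as the primary group that the `chgrp -R 0` / `chmod -R g=u` lines rely on. Separately, `ENV ROOT_PASSWORD=${ROOT_PASSWORD:-"password"}` is expanded at build time, so every image carries the well-known default in its environment and a container started without an override comes up with it as the root password. It would be safer to leave the variable unset in the image and have the entrypoint refuse to run first-time setup without it. The `FROM` line is outside the hunk, so whether `wget` and `unzip` are still available after the `apt-get install` removal cannot be confirmed from here.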
diff --git a/opendj-packages/opendj-docker/README.md b/opendj-packages/opendj-docker/README.md
index d5f4b5a..baa77f2 100644
--- a/opendj-packages/opendj-docker/README.md
+++ b/opendj-packages/opendj-docker/README.md
@@ -1,8 +1,25 @@
# How-to:
Build docker image:
-
- docker build . -t openidentityplatform/opendj
-
+```bash
+docker build . -t openidentityplatform/opendj
+```
Run image
+```bash
+docker run -d -p 1389:1389 -p 1636:1636 -p 4444:4444 --name opendj openidentityplatform/opendj
+```
- docker run -d -p 1389:1389 -p 1636:1636 -p 4444:4444 --name opendj openidentityplatform/opendj
+## Environment Variables
+
+|Variable|Default Value|Description|
+|--------|-------------|-----------|
+|ADD_BASE_ENTRY|--addBaseEntry|if set, creates base DN entry|
+|PORT|1389|LDAP Listener Port|
+|LDAPS_PORT|1636|LDAPS Listener Port|
+|BASE_DN|dc=example,dc=com|OpenDJ Base DN |
+|ROOT_USER_DN|cn=Directory Manager|Initial root user DN|
+|ROOT_PASSWORD|password|Initial root user password|
+|SECRET_VOLUME|-|Mounted keystore volume, if present copies keystore over|
+|MASTER_SERVER|-|Replication master server|
+|VERSION|4.3.1|OpenDJ version|
+|OPENDJ_USER|-|user which runs OpenDJ|
+|OPENDJ_REPLICATION_TYPE|-|OpenDJ Replication type, valid values are: <ul><li>simple - standart replication</li><li>srs - standalone replication servers</li><li>sdsr - Standalone Directory Server Replicas</li><li>rg - Replication Groups</li></ul>Other values will be ignored|
diff --git a/opendj-packages/opendj-docker/bootstrap/replicate.sh b/opendj-packages/opendj-docker/bootstrap/replicate.sh
new file mode 100755
index 0000000..51029cc
--- /dev/null
+++ b/opendj-packages/opendj-docker/bootstrap/replicate.sh
@@ -0,0 +1,140 @@
+#!/usr/bin/env bash
+# Replicate to the master server hostname defined in $1
+# If that server is ourself this is a no-op
+
+# This is a bit kludgy.
+# The hostname has to be a fully resolvable DNS name in the cluster
+# If the service is called
+
+MYHOSTNAME=${MYHOSTNAME:-`hostname -f`}
+
+echo "Setting up replication from $MYHOSTNAME to $MASTER_SERVER"
+
+# For debug
+
+# K8s puts the service name in /etc/hosts
+if grep ${MASTER_SERVER} /etc/hosts; then
+ echo "We are the master. Skipping replication setup to ourself"
+ exit 0
+fi
+
+# Comment out
+echo "replicate ENV vars:"
+env
+
+# todo: Replace with command to test for master being reachable and up
+# This is hacky....
+echo "Will sleep for a bit to ensure master is up"
+
+sleep 5
+
+if [ "$OPENDJ_REPLICATION_TYPE" == "simple" ] then
+ echo "Enabling Standart Replication..."
+ /opt/opendj/bin/dsreplication enable --host1 $MYHOSTNAME --port1 4444 \
+ --bindDN1 "$ROOT_USER_DN" \
+ --bindPassword1 $ROOT_PASSWORD --replicationPort1 8989 \
+ --host2 $MASTER_SERVER --port2 4444 --bindDN2 "$ROOT_USER_DN" \
+ --bindPassword2 $ROOT_PASSWORD --replicationPort2 8989 \
+ --adminUID admin --adminPassword $ROOT_PASSWORD --baseDN $BASE_DN -X -n
+
+ echo "initializing replication"
+
+ /opt/opendj/bin/dsreplication initialize --baseDN $BASE_DN \
+ --adminUID admin --adminPassword $ROOT_PASSWORD \
+ --hostSource $MYHOSTNAME --portSource 4444 \
+ --hostDestination $MASTER_SERVER --portDestination 4444 -X -n
+
+elif [ "$OPENDJ_REPLICATION_TYPE" == "srs" ] then
+ echo "Enabling Standalone Replication Servers..."
+ dsreplication enable \
+ --adminUID admin \
+ --adminPassword $ROOT_PASSWORD \
+ --baseDN $BASE_DN \
+ --host1 $MYHOSTNAME \
+ --port1 4444 \
+ --bindDN1 "$ROOT_USER_DN" \
+ --bindPassword1 $ROOT_PASSWORD \
+ --noReplicationServer1 \
+ --host2 $MASTER_SERVER \
+ --port2 4444 \
+ --bindDN2 "$ROOT_USER_DN" \
+ --bindPassword2 $ROOT_PASSWORD \
+ --replicationPort2 8989 \
+ --onlyReplicationServer2 \
+ --trustAll \
+ --no-prompt;
+
+ echo "initializing replication"
+
+ dsreplication \
+ initialize-all \
+ --adminUID admin \
+ --adminPassword $ROOT_PASSWORD \
+ --baseDN $BASE_DN \
+ --hostname $MYHOSTNAME \
+ --port 4444 \
+ --trustAll \
+ --no-prompt
+
+elif [ "$OPENDJ_REPLICATION_TYPE" == "sdsr" ] then
+ echo "Enabling Standalone Directory Server Replicas...."
+ dsreplication \
+ enable \
+ --adminUID admin \
+ --adminPassword $ROOT_PASSWORD \
+ --baseDN $BASE_DN \
+ --host1 $MASTER_SERVER \
+ --port1 4444 \
+ --bindDN1 "$ROOT_USER_DN" \
+ --bindPassword1 $ROOT_PASSWORD \
+ --host2 $MYHOSTNAME \
+ --port2 4444 \
+ --bindDN2 "$ROOT_USER_DN" \
+ --bindPassword2 ROOT_PASSWORD \
+ --noReplicationServer2 \
+ --trustAll \
+ --no-prompt
+
+ echo "initializing replication"
+
+ dsreplication \
+ initialize \
+ --adminUID admin \
+ --adminPassword $ROOT_PASSWORD \
+ --baseDN $BASE_DN \
+ --hostSource $MASTER_SERVER \
+ --portSource 4444 \
+ --hostDestination $MYHOSTNAME \
+ --portDestination 4444 \
+ --trustAll \
+ --no-prompt
+
+elif [ "$OPENDJ_REPLICATION_TYPE" == "rg" ] then
+ echo "Enabling Replication Groups..."
+
+ dsconfig \
+ set-replication-domain-prop \
+ --port 4444 \
+ --hostname $MYHOSTNAME \
+ --bindDN "$ROOT_USER_DN" \
+ --bindPassword $ROOT_PASSWORD \
+ --provider-name "Multimaster Synchronization" \
+ --domain-name $BASE_DN \
+ --set group-id:$OPENDJ_REPLICATION_GROUP_ID \
+ --trustAll \
+ --no-prompt
+
+ dsconfig \
+ set-replication-server-prop \
+ --port 4444 \
+ --hostname $MASTER_SERVER \
+ --bindDN "$ROOT_USER_DN" \
+ --bindPassword $ROOT_PASSWORD \
+ --provider-name "Multimaster Synchronization" \
+ --set group-id:$OPENDJ_REPLICATION_GROUP_ID \
+ --trustAll \
+ --no-prompt
+
+else
+ echo "Unknown replication type, skiping replication..."
+fi
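Review bot: All four branch tests (`simple`, `srs`, `sdsr`, `rg`) are written as `[ ... ] then` without a `;`, so bash fails with a syntax error at the `if` statement and no replication is ever configured; they should read `if [ "$OPENDJ_REPLICATION_TYPE" = "simple" ]; then` and likewise for the `elif`s. In the `sdsr` branch `--bindPassword2 ROOT_PASSWORD` passes the literal word instead of the secret and should be `--bindPassword2 "$ROOT_PASSWORD"`. The unconditional `env` dump under the "Comment out" remark writes ROOT_PASSWORD to the container log and should be deleted. Every `dsreplication`/`dsconfig` call also puts the password on the command line, where it shows in the process list, so a password-file option is preferable where the tools offer one. The unquoted `grep ${MASTER_SERVER} /etc/hosts` treats the name as a regex and matches substrings; `grep -qwF -- "$MASTER_SERVER" /etc/hosts` is stricter and quieter.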
diff --git a/opendj-packages/opendj-docker/bootstrap/setup.sh b/opendj-packages/opendj-docker/bootstrap/setup.sh
new file mode 100755
index 0000000..ddb8bca
--- /dev/null
+++ b/opendj-packages/opendj-docker/bootstrap/setup.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+# Default setup script
+
+echo "Setting up default OpenDJ instance"
+
+# If any optional LDIF files are present load them
+
+/opt/opendj/setup --cli -p $PORT --ldapsPort $LDAPS_PORT --enableStartTLS --generateSelfSignedCertificate \
+ --baseDN $BASE_DN -h localhost --rootUserPassword "$ROOT_PASSWORD" \
+ --acceptLicense --no-prompt $ADD_BASE_ENTRY #--sampleData 1
+
+
+if [ -d /opt/opendj/bootstrap/schema/ ]; then
+ echo "Loading initial schema:"
+ for file in /opt/opendj/bootstrap/schema/*; do
+ echo "Loading $file ..."
+ /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
+ done
+fi
+
+if [ -d /opt/opendj/bootstrap/data/ ]; then
+ echo "Loading initial data:"
+ for file in /opt/opendj/bootstrap/data/*; do
+ echo "Loading $file ..."
+ /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
+ done
+fi
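Review bot: The `/opt/opendj/setup` call no longer passes `--rootUserDN` (the removed Dockerfile step did), yet both `ldapmodify` loops bind with `-D "$ROOT_USER_DN"`. A non-default ROOT_USER_DN would presumably leave the server with the default root DN and make every schema and data load fail to bind; add `--rootUserDN "$ROOT_USER_DN"` to the setup line. The expansions `--baseDN $BASE_DN`, `-w $ROOT_PASSWORD` and `-f $file` are unquoted, so a password or path containing spaces or glob characters is split or expanded; quote them, e.g. `-w "$ROOT_PASSWORD" -f "$file"`. Passing the password with `-w` also exposes it in the process list while each load runs. The comment `# If any optional LDIF files are present load them` sits above the setup call rather than above the loops it describes.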
diff --git a/opendj-packages/opendj-docker/pom.xml b/opendj-packages/opendj-docker/pom.xml
index 4666537..a11993f 100644
--- a/opendj-packages/opendj-docker/pom.xml
+++ b/opendj-packages/opendj-docker/pom.xml
@@ -12,7 +12,7 @@
Header, with the fields enclosed by brackets [] replaced by your own identifying
information: "Portions Copyright [year] [name of copyright owner]".
- Copyright 2015-2016 ForgeRock AS.
+ Copyright 2018-2019 Open Identity Platform Community.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
@@ -40,8 +40,8 @@
</description>
<build>
- <plugins>
- <plugin>
+ <plugins>
+ <plugin>
<artifactId>maven-antrun-plugin</artifactId>
<executions>
<execution>
@@ -49,11 +49,13 @@
<configuration>
<tasks>
<copy todir="${project.build.directory}">
- <fileset dir="${basedir}">
- <include name="Dockerfile" /> <!--NOTE DIFFERENCE HERE-->
- </fileset>
- </copy>
- <replace token="@project_version@" value="${project.version}" dir="target/">
+ <fileset dir="${basedir}">
+ <include name="Dockerfile" /> <!--NOTE DIFFERENCE HERE-->
+ <include name="bootstrap/**" />
+ <include name="run.sh" />
+ </fileset>
+ </copy>
+ <replace token="@project_version@" value="${project.version}" dir="target/">
<include name="Dockerfile" />
</replace>
</tasks>
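Review bot: Ant's `<copy>` does not retain Unix file permissions, so the `run.sh` and `bootstrap/**` files added to this fileset will likely land in `target/` without their executable bit even though the patch creates them with mode 100755. If the image is built from `target/` (where `@project_version@` is substituted), `ENTRYPOINT ["/opt/opendj/run.sh"]` and the direct call to `/opt/opendj/bootstrap/replicate.sh` would then fail with permission denied, since `chmod -R g=u` in the Dockerfile does not add execute rights. Either add a `<chmod perm="755">` task over the copied scripts after the `<copy>`, or set the mode explicitly in the Dockerfile. The enclosing `<execution>` starts and ends outside this hunk.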
@@ -64,6 +66,6 @@
</execution>
</executions>
</plugin>
- </plugins>
+ </plugins>
</build>
</project>
diff --git a/opendj-packages/opendj-docker/run.sh b/opendj-packages/opendj-docker/run.sh
new file mode 100755
index 0000000..d91e4ea
--- /dev/null
+++ b/opendj-packages/opendj-docker/run.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+# Run the OpenDJ server
+# The idea is to consolidate all of the writable DJ directories to
+# a single instance directory root, and update DJ's instance.loc file to point to that root
+# This allows us to to mount a data volume on that root which gives us
+# persistence across restarts of OpenDJ.
+# For Docker - mount a data volume on /opt/opendj/data
+# For Kubernetes mount a PV
+
+
+cd /opt/opendj
+
+
+# Instance dir does not exist? Then we need to run setup
+if [ ! -d ./data/config ] ; then
+
+ echo "Instance data Directory is empty. Creating new DJ instance"
+
+ BOOTSTRAP=${BOOTSTRAP:-/opt/opendj/bootstrap/setup.sh}
+
+ export BASE_DN=${BASE_DN:-"dc=example,dc=com"}
+ echo "BASE DN is ${BASE_DN}"
+
+ export PASSWORD=${ROOT_PASSWORD:-password}
+
+ echo "Password set to $PASSWORD"
+
+ echo "Running $BOOTSTRAP"
+ sh "${BOOTSTRAP}"
+
+ # Check if OPENDJ_REPLICATION_TYPE var is set. If it is - replicate to that server
+ if [ ! -z ${MASTER_SERVER} ] && [ ! -z ${OPENDJ_REPLICATION_TYPE} ]; then
+ /opt/opendj/bootstrap/replicate.sh
+ fi
+else
+ exec ./bin/start-ds --nodetach
+ return
+fi
+
+# Check if keystores are mounted as a volume, and if so
+# Copy any keystores over
+SECRET_VOLUME=${SECRET_VOLUME:-/var/secrets/opendj}
+
+if [ -d "${SECRET_VOLUME}" ]; then
+ echo "Secret volume is present. Will copy any keystores and truststore"
+ # We send errors to /dev/null in case no data exists.
+ cp -f ${SECRET_VOLUME}/key* ${SECRET_VOLUME}/trust* ./data/config 2>/dev/null
+fi
+
+# todo: Check /opt/opendj/data/config/buildinfo
+# Run upgrade if the server is older
+
+if (bin/status -n | grep Started) ; then
+ echo "OpenDJ is started"
+ # We cant exit because we are pid 1
+ while true; do sleep 100000; done
+fi
+
+
+echo "Starting OpenDJ"
+
+#
+
+exec ./bin/start-ds --nodetach
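Review bot: `echo "Password set to $PASSWORD"` writes the directory root password to the container log on every first start, and logs are typically retained and readable by far more people than the secret itself; drop the line or replace it with `echo "Root password configured"`. The exported `PASSWORD` is not read by `setup.sh` in this patch, which uses `ROOT_PASSWORD`, so the export looks dead and hides the fact that the fallback is the literal `password`. The tests `[ ! -z ${MASTER_SERVER} ]` and `[ ! -z ${OPENDJ_REPLICATION_TYPE} ]` are unquoted and should be `[ -n "${MASTER_SERVER}" ] && [ -n "${OPENDJ_REPLICATION_TYPE}" ]`. The `return` after `exec ./bin/start-ds --nodetach` is unreachable and not valid at script top level. `sh "${BOOTSTRAP}"` runs a script whose shebang asks for bash under whatever `sh` is in the image.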
diff --git a/opendj-packages/opendj-openshift-template/README.md b/opendj-packages/opendj-openshift-template/README.md
new file mode 100644
index 0000000..097faf9
--- /dev/null
+++ b/opendj-packages/opendj-openshift-template/README.md
@@ -0,0 +1,12 @@
+# How-to:
+## Install template to OpenShift
+```bash
+oc create -f opendj-template.yml
+```
+if you already installed the template and want to update it, run
+
+```bash
+oc update -f opendj-template.yml
+```
+
+After installation, OpenDJ template available in OpenShift Catalog.
diff --git a/opendj-packages/opendj-openshift-template/opendj-template.yaml b/opendj-packages/opendj-openshift-template/opendj-template.yaml
new file mode 100644
index 0000000..51ffb6b
--- /dev/null
+++ b/opendj-packages/opendj-openshift-template/opendj-template.yaml
@@ -0,0 +1,191 @@
+---
+apiVersion: v1
+kind: Template
+labels:
+ template: opendj-persistent-template
+message: |-
+ The following service(s) have been created in your project: ${OPENDJ_SERVICE_NAME}.
+
+ Root user DN: ${OPENDJ_ROOT_USER_DN}
+ Password: ${OPENDJ_ROOT_PASSWORD}
+ Base DN: ${OPENDJ_BASE_DN}
+ Connection URL: ldap://${OPENDJ_SERVICE_NAME}:1389/
+ Replication: ${OPENDJ_REPLICATION_TYPE}
+ Master Server: ${OPENDJ_MASTER_SERVER}
+ Secret Volume: ${OPENDJ_SECRET_VOLUME}
+
+ For more information about using this template, including OpenShift considerations, see TODO: add urls.
+metadata:
+ annotations:
+ description: |-
+ OpenDJ is an LDAPv3 compliant directory service, which has been developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization.
+ For more information about using this template, including OpenShift considerations, see TODO: add urls.
+
+ NOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.
+ iconClass: icon-sso
+ openshift.io/display-name: OpenDJ
+ openshift.io/documentation-url: https://github.com/OpenIdentityPlatform/OpenDJ/wiki
+ openshift.io/long-description: This template provides a standalone OpenDJ
+ server with a database created. The database is stored on persistent storage. The
+ root DN, base DN, and password are chosen via parameters when provisioning
+ this service.
+ openshift.io/provider-display-name: Open Identity Platform Community.
+ openshift.io/support-url: http://www.openidentityplatform.org
+ tags: database,opendj,ldap
+ name: opendj
+objects:
+#Secret
+- apiVersion: v1
+ kind: Secret
+ metadata:
+ annotations:
+ template.openshift.io/expose-password: "{.data['opendj-root-password']}"
+ name: ${OPENDJ_SERVICE_NAME}
+ labels:
+ name: ${OPENDJ_SERVICE_NAME}
+ stringData:
+ opendj-root-password: ${OPENDJ_ROOT_PASSWORD}
+
+#Service
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ template.openshift.io/expose-uri: ldap://{.spec.clusterIP}:{.spec.ports[?(.name=="opendj")].port}
+ name: "${OPENDJ_SERVICE_NAME}"
+ labels:
+ name: ${OPENDJ_SERVICE_NAME}
+ spec:
+ ports:
+ - name: 1389-tcp
+ port: 1389
+ protocol: TCP
+ targetPort: 1389
+ - name: 1636-tcp
+ port: 1636
+ protocol: TCP
+ targetPort: 1636
+ - name: 4444-tcp
+ port: 4444
+ protocol: TCP
+ targetPort: 4444
+ selector:
+ name: "${OPENDJ_SERVICE_NAME}"
+ sessionAffinity: None
+ clusterIP: None
+ type: ClusterIP
+ selector:
+ app: ${OPENDJ_SERVICE_NAME}
+
+#StatefulSet
+- apiVersion: apps/v1
+ kind: StatefulSet
+ metadata:
+ name: ${OPENDJ_SERVICE_NAME}
+ labels:
+ app: ${OPENDJ_SERVICE_NAME}
+ spec:
+ serviceName: ${OPENDJ_SERVICE_NAME}
+ replicas: 1
+ selector:
+ matchLabels:
+ app: ${OPENDJ_SERVICE_NAME}
+ template:
+ metadata:
+ labels:
+ app: ${OPENDJ_SERVICE_NAME}
+ spec:
+ terminationGracePeriodSeconds: 1800
+ containers:
+ - name: "${OPENDJ_SERVICE_NAME}"
+ image: docker.io/openidentityplatform/opendj
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 1389
+ protocol: TCP
+ - containerPort: 1636
+ protocol: TCP
+ - containerPort: 4444
+ protocol: TCP
+ resources: {}
+ #securityContext:
+ #lifecycle: {}
+ volumeMounts:
+ - mountPath: "/opt/opendj/data/"
+ name: "${OPENDJ_SERVICE_NAME}-data"
+ env:
+ - name: BASE_DN
+ value: ${OPENDJ_BASE_DN}
+ - name: ROOT_USER_DN
+ value: ${OPENDJ_ROOT_USER_DN}
+ - name: ROOT_PASSWORD
+ value: ${OPENDJ_ROOT_PASSWORD}
+ - name: MASTER_SERVER
+ value: ${OPENDJ_MASTER_SERVER}
+ - name: SECRET_VOLUME
+ value: ${OPENDJ_SECRET_VOLUME}
+ - name: MYHOSTNAME
+ value: ${OPENDJ_SERVICE_NAME}
+ volumeClaimTemplates:
+ - metadata:
+ name: "${OPENDJ_SERVICE_NAME}-data"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: "${VOLUME_CAPACITY}"
+
+parameters:
+- description: The name of the OpenShift Service exposed for the database.
+ displayName: Database Service Name
+ name: OPENDJ_SERVICE_NAME
+ required: true
+ value: "opendj"
+- description: DN for OpenDJ user that will be used for accessing the database.
+ displayName: OpenDJ Root User DN
+ name: OPENDJ_ROOT_USER_DN
+ required: true
+ value: "cn=Directory Manager"
+- description: Password for the OpenDJ Root User.
+ displayName: OpenDJ Connection Password
+ from: "[a-zA-Z0-9]{16}"
+ generate: expression
+ name: OPENDJ_ROOT_PASSWORD
+ required: true
+- description: Name of the OpenDJ Base DN
+ displayName: Base DN
+ name: OPENDJ_BASE_DN
+ required: true
+ value: "dc=example,dc=com"
+- description: Volume space available for data, e.g. 512Mi, 2Gi.
+ displayName: Volume Capacity
+ name: VOLUME_CAPACITY
+ required: true
+ value: 20Gi
+- description: |-
+ OpenDJ Replication type, valid values are:
+ simple - standart replication
+ srs - standalone replication servers
+ sdsr - Standalone Directory Server Replicas
+ rg - Replication Groups
+ Other values will be ignored
+ displayName: OpenDJ Replication Type
+ name: OPENDJ_REPLICATION_TYPE
+ value:
+ required: false
+- description: OpenDJ master server for replication.
+ displayName: OpenDJ Master Server
+ name: OPENDJ_MASTER_SERVER
+ value:
+ required: false
+- description: OpenDJ replication group id, used only for rg replication type
+ displayName: OpenDJ Replication Group Id
+ name: OPENDJ_REPLICATION_GROUP_ID
+ value:
+ required: false
+- description: Secret keystore volume.
+ displayName: Secret Keystore Volume
+ name: OPENDJ_SECRET_VOLUME
+ value:
+ required: false
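Review bot: The StatefulSet passes the root password as a literal `value: ${OPENDJ_ROOT_PASSWORD}`, so the generated secret is stored in clear in the pod spec and is readable by anyone allowed to view the StatefulSet, even though the same template already creates a Secret holding it under `opendj-root-password`; the env entry should reference that Secret. The template `message` also echoes `Password: ${OPENDJ_ROOT_PASSWORD}` into the provisioning output, which is worth dropping in favour of pointing at the Secret name. The parameters OPENDJ_REPLICATION_TYPE and OPENDJ_REPLICATION_GROUP_ID are declared but never wired into the container `env`, so the replication script would never see them. The Service carries two `selector` keys and its `name:` label selector does not match the pod label `app:`, so it may select no pods.

```yaml
          env:
          # … unchanged: BASE_DN, ROOT_USER_DN …
          - name: ROOT_PASSWORD
            valueFrom:
              secretKeyRef:
                name: ${OPENDJ_SERVICE_NAME}
                key: opendj-root-password
          # … unchanged: MASTER_SERVER, SECRET_VOLUME, MYHOSTNAME …
          - name: OPENDJ_REPLICATION_TYPE
            value: ${OPENDJ_REPLICATION_TYPE}
          - name: OPENDJ_REPLICATION_GROUP_ID
            value: ${OPENDJ_REPLICATION_GROUP_ID}
```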
--
Gitblit v1.10.0