From 22a7881447bcf026f1967b127640db0021953173 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= Date: Thu, 20 Jun 2019 16:54:50 +0200 Subject: [PATCH] enable tls bypass --- README.md | 21 ++++++++++++++++++++- testcase-02/Jenkinsfile | 1 + testcase-02/setup.yaml | 4 ++++ 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 091dc41..67bbefb 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,13 @@ Create an OpenShift project to hold all your artefacts: oc project api-lifecycle ``` +Deploy a Jenkins master: + +```sh +oc new-app --template=jenkins-ephemeral --name=jenkins -p MEMORY_LIMIT=2Gi +oc set env dc/jenkins JENKINS_OPTS=--sessionTimeout=86400 +``` + Create a secret that contains all your [3scale remotes](https://github.com/3scale/3scale_toolbox/blob/master/docs/remotes.md): ```sh @@ -34,7 +41,15 @@ oc new-app --template=3scale-gateway --name=apicast-saas-production -p CONFIGURA oc scale dc/apicast-saas-staging --replicas=1 oc scale dc/apicast-saas-production --replicas=1 oc create route edge apicast-saas-staging --service=apicast-saas-staging --hostname=wildcard.saas-staging.app.itix.fr --insecure-policy=Allow --wildcard-policy=Subdomain -oc create route edge apicast-saas-production --service=apicast-saas-production --hostname=wildcard.saas-production.app... --insecure-policy=Allow --wildcard-policy=Subdomain +oc create route edge apicast-saas-production --service=apicast-saas-production --hostname=wildcard.saas-production.app.itix.fr --insecure-policy=Allow --wildcard-policy=Subdomain +``` + +Add wildcard routes to your existing 3scale on-prem instance: + +```sh +oc project 3scale-25 +oc create route edge apicast-wildcard-staging --service=apicast-staging --hostname=wildcard.onprem-staging.app.itix.fr --insecure-policy=Allow --wildcard-policy=Subdomain +oc create route edge apicast-wildcard-production --service=apicast-production --hostname=wildcard.onprem-production.app.itix.fr --insecure-policy=Allow --wildcard-policy=Subdomain ``` ## Usecases @@ -60,3 +75,7 @@ oc process -f testcase-01/setup.yaml -p DEVELOPER_ACCOUNT_ID=2445582535751 -p PR ```sh oc process -f testcase-02/setup.yaml -p DEVELOPER_ACCOUNT_ID=2445582535751 -p PRIVATE_BASE_URL=http://beer-catalog.app.itix.fr -p TARGET_INSTANCE=3scale-saas -p PUBLIC_STAGING_WILDCARD_DOMAIN=nmasse-redhat-staging.app.itix.fr -p PUBLIC_PRODUCTION_WILDCARD_DOMAIN=nmasse-redhat-production.app.itix.fr |oc create -f - ``` + +```sh +oc process -f testcase-02/setup.yaml -p DEVELOPER_ACCOUNT_ID=5 -p PRIVATE_BASE_URL=http://beer-catalog.app.itix.fr -p TARGET_INSTANCE=3scale-onprem -p PUBLIC_STAGING_WILDCARD_DOMAIN=onprem-staging.app.itix.fr -p PUBLIC_PRODUCTION_WILDCARD_DOMAIN=onprem-production.app.itix.fr -p DISABLE_TLS_VALIDATION=yes |oc create -f - +``` diff --git a/testcase-02/Jenkinsfile b/testcase-02/Jenkinsfile index 844a49d..b7448a8 100644 --- a/testcase-02/Jenkinsfile +++ b/testcase-02/Jenkinsfile @@ -23,6 +23,7 @@ node() { toolbox: [ openshiftProject: params.NAMESPACE, destination: params.TARGET_INSTANCE, image: "quay.io/redhat/3scale-toolbox:master", // TODO: remove me once the final image is released + insecure: params.DISABLE_TLS_VALIDATION != null && params.DISABLE_TLS_VALIDATION == "yes", secretName: params.SECRET_NAME], service: [:], applications: [ diff --git a/testcase-02/setup.yaml b/testcase-02/setup.yaml index bc5e80f..6f29092 100644 --- a/testcase-02/setup.yaml +++ b/testcase-02/setup.yaml @@ -31,6 +31,8 @@ objects: value: ${DEVELOPER_ACCOUNT_ID} - name: PRIVATE_BASE_URL value: ${PRIVATE_BASE_URL} + - name: DISABLE_TLS_VALIDATION + value: ${DISABLE_TLS_VALIDATION} parameters: - name: SECRET_NAME value: 3scale-toolbox @@ -48,3 +50,5 @@ parameters: required: true - name: PRIVATE_BASE_URL required: true +- name: DISABLE_TLS_VALIDATION + value: "no"