diff --git a/SANDBOX-Jenkinsfile b/SANDBOX-Jenkinsfile new file mode 100644 index 000000000..10238528d --- /dev/null +++ b/SANDBOX-Jenkinsfile @@ -0,0 +1,210 @@ +APP_NAME = "embcess-sandbox" +PROJECT_NAMESPACE = "jhnamn" + +class AppEnvironment { + String name + String tag + String previousTag +} + +// EDIT LINE BELOW (Edit your environment TAG names) +environments = [ + dev:new AppEnvironment(name:"Development",tag:"dev",previousTag:"dev-previous"), +] + +// You shouldn't have to edit these if you're following the conventions +ARTIFACT_BUILD = APP_NAME +RUNTIME_CHAINED_BUILD = "${APP_NAME}" + +IMAGESTREAM_NAME = "${APP_NAME}" + +PATHFINDER_URL = "pathfinder.gov.bc.ca" + + +// Gets the container hash for the latest image in an image stream +def getLatestHash(imageStreamName) { + return sh ( + script: """oc get istag ${imageStreamName}:latest -o=jsonpath='{@.image.metadata.name}' | sed -e 's/sha256://g'""", + returnStdout: true + ).trim() +} + +// Gets all tags already applied to this ImageStream (as a single string); e.g., 'dev test dev-previous my-other-tag ...' +def getAllTags(imageStreamName) { + return sh ( + script: """oc get is ${imageStreamName} -o template --template='{{range .status.tags}}{{" "}}{{.tag}}{{end}}'""", + returnStdout: true + ).trim() +} + +// Checks whether we are running this pipeline for the first time by looking at what tags are available on the application's ImageStream +def tagExists(tagName, imageStream) { + def tags = getAllTags(imageStream) + def entries = tags.split(" ") + for (entry in entries) { + if (entry == tagName) { + return true + } + } + return false +} + +def buildAndVerify(buildConfigName) { + echo "Building: ${buildConfigName}" + openshiftBuild( + bldCfg: buildConfigName, + showBuildLogs: 'true', + waitTime: '900000' + ) + openshiftVerifyBuild( + bldCfg: buildConfigName, + showBuildLogs: 'true', + waitTime: '900000' + ) +} + +def tagImage(srcHash, destination, imageStream) { + openshiftTag( + destStream: imageStream, + verbose: 'true', + destTag: destination, + srcStream: imageStream, + srcTag: srcHash, + waitTime: '900000' + ) +} + +// Keeps a copy of last good known configuration for a deployment (just in case) +def tagLatestStable(environment, backupTag, imageStream) { + // skip this on the first run... there's nothing to backup! + if (tagExists(environment, imageStream)) { + tagImage(environment, backupTag, imageStream) + } +} + +def deployAndVerify(srcHash, environment, imageStream) { + echo "Deploying ${APP_NAME} to ${environment}" + tagImage(srcHash, environment, imageStream) + // verify deployment to an environment; e.g. [your-project-name]-dev + openshiftVerifyDeployment( + deploymentConfig: APP_NAME, + namespace: "${PROJECT_NAMESPACE}-${environment}", + waitTime: '900000' + ) +} + +// Generates a string representation of the current code changes that triggered a build +def getChangeString() { + def MAX_MSG_LEN = 512 + def changeString = "" + def changeLogSets = currentBuild.changeSets + for (int i = 0; i < changeLogSets.size(); i++) { + def entries = changeLogSets[i].items + for (int j = 0; j < entries.length; j++) { + def entry = entries[j] + truncated_msg = entry.msg.take(MAX_MSG_LEN) + changeString += " - ${truncated_msg} [${entry.author}]\n" + } + } + if (!changeString) { + changeString = "No changes" + } + return changeString +} + +def notifyGood(title, description) { + // TODO: Send notifications to Slack + echo title + if (description) { + echo description + } +} + +def notifyError(title, description) { + // TODO: Send notifications to Slack + echo title + if (description) { + echo description + } +} + +node('master') { + + stage('Startup') { + // stop pending builds. + sh "oc cancel-build bc/${RUNTIME_CHAINED_BUILD}" + } + stage('Build') { + echo "Building Application image..." + buildAndVerify(ARTIFACT_BUILD) + + IMAGE_HASH = getLatestHash(IMAGESTREAM_NAME) + echo ">> IMAGE_HASH: ${IMAGE_HASH}" + + } + + + + /* Deploying to DEV + - backing up latest stable deployment + - deploying newly built image + - notifying of success or failure + */ + + stage("Deploy to ${environments.dev.name}") { + def environment = environments.dev.tag + def stableTag = environments.dev.previousTag + node { + try { + // hold on to a copy of the last stable DEV environment (in case the upcoming deployment fails...) + tagLatestStable(environment, stableTag, IMAGESTREAM_NAME) + deployAndVerify(IMAGE_HASH, environment, IMAGESTREAM_NAME) + // all is good! + notifyGood( + "New ${APP_NAME} in ${environment} :)", + "Changes: ${getChangeString()}" + ) + } catch(error) { + notifyError( + "Couldn't deploy ${APP_NAME} to ${environment} :(", + "Error: '${error.message}'" + ) + throw error + } + } + } +} + +// ZAP security scan + +podTemplate(label: 'owasp-zap2', name: 'owasp-zap2', serviceAccount: 'jenkins', cloud: 'openshift', containers: [ + containerTemplate( + name: 'jnlp', + image: '172.50.0.2:5000/openshift/jenkins-slave-zap', + resourceRequestCpu: '500m', + resourceLimitCpu: '1000m', + resourceRequestMemory: '3Gi', + resourceLimitMemory: '4Gi', + workingDir: '/home/jenkins', + command: '', + args: '${computer.jnlpmac} ${computer.name}' + ) +]) +{ + stage('ZAP Security Scan') + { + node('owasp-zap2') { + //the checkout is mandatory + echo "checking out source" + echo "Build: ${BUILD_ID}" + checkout scm + + dir('/zap') { + def retVal = sh returnStatus: true, script: '/zap/zap-baseline.py -r baseline.html -t https://embcess-develop-jhnamn.pathfinder.gov.bc.ca ' + publishHTML([allowMissing: false, alwaysLinkToLastBuild: false, keepAll: true, reportDir: '/zap/wrk', reportFiles: 'baseline.html', reportName: 'ZAP Baseline Scan', reportTitles: 'ZAP Baseline Scan']) + echo "Return value is: ${retVal}" + + } + } + } +} diff --git a/openshift/templates/embcess/embc-app-deploy.json b/openshift/templates/embcess/embc-app-deploy.json index 93eab28d8..43f8cc12d 100644 --- a/openshift/templates/embcess/embc-app-deploy.json +++ b/openshift/templates/embcess/embc-app-deploy.json @@ -1,470 +1,475 @@ { - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}-deployment-template", - "creationTimestamp": null - }, - "objects": [ - { - "apiVersion": "v1", - "kind": "Secret", - "stringData": { - "db-admin-password": "${DB_ADMIN_PASSWORD}", - "db-databasename": "ess-training", - "db-password": "${DB_PASSWORD}", - "db-username": "ess-training" - }, - "metadata": { - "annotations": { - "template.openshift.io/expose-db-admin-password": "{.data['db-admin-password']}", - "template.openshift.io/expose-db-databasename": "{.data['db-databasename']}", - "template.openshift.io/expose-db-password": "{.data['db-password']}", - "template.openshift.io/expose-db-username": "{.data['db-username']}" - }, - "name": "embcess-training", - "namespace": "jhnamn-test", - "selfLink": "/api/v1/namespaces/jhnamn-test/secrets/embc-training" - } + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}-deployment-template", + "creationTimestamp": null + }, + "objects": [ + { + "apiVersion": "v1", + "kind": "Secret", + "stringData": { + "db-admin-password": "${DB_ADMIN_PASSWORD}", + "db-databasename": "${DB_NAME}", + "db-password": "${DB_PASSWORD}", + "db-username": "${DB_NAME}" + }, + "metadata": { + "annotations": { + "template.openshift.io/expose-db-admin-password": "{.data['db-admin-password']}", + "template.openshift.io/expose-db-databasename": "{.data['db-databasename']}", + "template.openshift.io/expose-db-password": "{.data['db-password']}", + "template.openshift.io/expose-db-username": "{.data['db-username']}" }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}", - "labels": { - "template": "${NAME}-deployment" - }, - "annotations": { - "description": "Defines how to deploy ${NAME}" - } - }, - "spec": { - "strategy": { - "type": "Rolling" - }, - "triggers": [ - { - "type": "ConfigChange" - }, - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${NAME}" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "${IMAGE_NAMESPACE}", - "name": "${SOURCE_IMAGE_NAME}:${TAG_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "name": "${NAME}" - }, - "template": { - "metadata": { - "name": "${NAME}", - "labels": { - "name": "${NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${NAME}", - "image": "", - "ports": [ - { - "containerPort": 8080, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "ASPNETCORE_ENVIRONMENT", - "value": "${ASPNETCORE_ENVIRONMENT}" - }, - { - "name": "BASE_URI", - "value": "${BASE_URI}" - }, - { - "name": "BASE_PATH", - "value": "${BASE_PATH}" - }, - { - "name": "SITEMINDER_LOGOUT_URL", - "value": "${SITEMINDER_LOGOUT_URL}" - }, - { - "name": "SMTP_HOST", - "value": "${SMTP_HOST}" - }, - { - "name": "SMTP_DEFAULT_SENDER", - "value": "${SMTP_DEFAULT_SENDER}" - }, - { - "name": "DATABASE_SERVICE_NAME", - "value": "${DATABASE_SERVICE_NAME}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "valueFrom": { - "secretKeyRef": { - "key": "db-admin-password", - "name": "${SECRET_RESOURCE_NAME}" - } - } - }, - { - "name": "DB_USER", - "valueFrom": { - "secretKeyRef": { - "key": "db-username", - "name": "${SECRET_RESOURCE_NAME}" - } - } - }, - { - "name": "DB_PASSWORD", - "valueFrom": { - "secretKeyRef": { - "key": "db-password", - "name": "${SECRET_RESOURCE_NAME}" - } - } - }, - { - "name": "DB_DATABASE", - "valueFrom": { - "secretKeyRef": { - "key": "db-databasename", - "name": "${SECRET_RESOURCE_NAME}" - } - } - } - ], - "resources": { - "limits": { - "cpu": "${CPU_LIMIT}", - "memory": "${MEMORY_LIMIT}" - }, - "requests": { - "cpu": "${CPU_REQUEST}", - "memory": "${MEMORY_REQUEST}" - } - }, - "readinessProbe": { - "httpGet": { - "path": "/hc", - "port": 8080, - "scheme": "HTTP" - }, - "initialDelaySeconds": 10, - "timeoutSeconds": 1, - "periodSeconds": 10, - "successThreshold": 1, - "failureThreshold": 3 - }, - "liveinessProbe": { - "httpGet": { - "path": "/hc", - "port": 8080, - "scheme": "HTTP" - }, - "initialDelaySeconds": 10, - "timeoutSeconds": 1, - "periodSeconds": 10, - "successThreshold": 1, - "failureThreshold": 3 - } - } - ] - } - } + "name": "${Name}" + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "labels": { + "template": "${NAME}-deployment" + }, + "annotations": { + "description": "Defines how to deploy ${NAME}" + } + }, + "spec": { + "strategy": { + "type": "Rolling" + }, + "triggers": [ + { + "type": "ConfigChange" + }, + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_NAMESPACE}", + "name": "${SOURCE_IMAGE_NAME}:${TAG_NAME}" + } } + } + ], + "replicas": 1, + "selector": { + "name": "${NAME}" }, - { - "kind": "Service", - "apiVersion": "v1", - "metadata": { + "template": { + "metadata": { + "name": "${NAME}", + "labels": { + "name": "${NAME}" + } + }, + "spec": { + "containers": [ + { "name": "${NAME}", - "labels": { - "template": "${NAME}-deployment" - }, - "annotations": { - "description": "Exposes and load balances the application pods." - } - }, - "spec": { + "image": "", "ports": [ - { - "name": "8080-tcp", - "protocol": "TCP", - "port": 8080, - "targetPort": 8080 + { + "containerPort": 8080, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "${ASPNETCORE_ENVIRONMENT}" + }, + { + "name": "BASE_URI", + "value": "${BASE_URI}" + }, + { + "name": "BASE_PATH", + "value": "${BASE_PATH}" + }, + { + "name": "SITEMINDER_LOGOUT_URL", + "value": "${SITEMINDER_LOGOUT_URL}" + }, + { + "name": "SMTP_HOST", + "value": "${SMTP_HOST}" + }, + { + "name": "SMTP_DEFAULT_SENDER", + "value": "${SMTP_DEFAULT_SENDER}" + }, + { + "name": "DATABASE_SERVICE_NAME", + "value": "${DATABASE_SERVICE_NAME}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "valueFrom": { + "secretKeyRef": { + "key": "db-admin-password", + "name": "${SECRET_RESOURCE_NAME}" + } + } + }, + { + "name": "DB_USER", + "valueFrom": { + "secretKeyRef": { + "key": "db-username", + "name": "${SECRET_RESOURCE_NAME}" + } + } + }, + { + "name": "DB_PASSWORD", + "valueFrom": { + "secretKeyRef": { + "key": "db-password", + "name": "${SECRET_RESOURCE_NAME}" + } } + }, + { + "name": "DB_DATABASE", + "valueFrom": { + "secretKeyRef": { + "key": "db-databasename", + "name": "${SECRET_RESOURCE_NAME}" + } + } + } ], - "selector": { - "name": "${NAME}" + "resources": { + "limits": { + "cpu": "${CPU_LIMIT}", + "memory": "${MEMORY_LIMIT}" + }, + "requests": { + "cpu": "${CPU_REQUEST}", + "memory": "${MEMORY_REQUEST}" + } }, - "type": "ClusterIP", - "sessionAffinity": "None" - } - }, - { - "apiVersion": "v1", - "kind": "Route", - "metadata": { - "labels": { - "app": "${NAME}" + "readinessProbe": { + "httpGet": { + "path": "/hc", + "port": 8080, + "scheme": "HTTP" + }, + "initialDelaySeconds": 10, + "timeoutSeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 3 }, - "name": "${NAME}" - }, - "spec": { - "host": "${APPLICATION_DOMAIN}", - "port": { - "targetPort": "8080-tcp" - }, - "tls": { - "insecureEdgeTerminationPolicy": "Redirect", - "termination": "edge" - }, - "to": { - "kind": "Service", - "name": "${NAME}", - "weight": 100 - } - } - }, - { - "apiVersion": "v1", - "kind": "Route", - "metadata": { - "name": "${NAME}-siteminder-route", - "labels": { - "app": "${NAME}-siteminder-route" - } - }, - "spec": { - "host": "${NAME}-${NAME}.pathfinder.bcgov", - "port": { - "targetPort": "8080-tcp" - }, - "to": { - "kind": "Service", - "name": "${NAME}", - "weight": 100 - } - } - }, - { - "kind": "HorizontalPodAutoscaler", - "apiVersion": "autoscaling/v1", - "metadata": { - "name": "${NAME}", - "labels": { - "app": "${NAME}" + "liveinessProbe": { + "httpGet": { + "path": "/hc", + "port": 8080, + "scheme": "HTTP" + }, + "initialDelaySeconds": 10, + "timeoutSeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 3 } - }, - "spec": { - "scaleTargetRef": { - "kind": "DeploymentConfig", - "name": "${NAME}" - }, - "minReplicas": 2, - "maxReplicas": 6 - } + } + ] + } } - ], - "parameters": [ - { - "name": "NAME", - "displayName": "Name", - "description": "The name assigned to all of the resources defined in this template.", - "required": true, - "value": "embcess-training" - }, - { - "name": "SOURCE_IMAGE_NAME", - "displayName": "Source Image Name", - "description": "The name of the image to use for this resource.", - "required": true, - "value": "embcess" - }, - { - "name": "IMAGE_NAMESPACE", - "displayName": "Image Namespace", - "description": "The namespace of the OpenShift project containing the imagestream for the application.", - "required": true, - "value": "jhnamn-tools" - }, - { - "name": "TAG_NAME", - "displayName": "Environment TAG name", - "description": "The TAG name for this environment, e.g., dev, test, prod", - "required": true, - "value": "test" - }, - { - "name": "CPU_LIMIT", - "displayName": "CPU Limit", - "description": "Maximum amount of CPU the container can use.", - "value": "1" - }, - { - "name": "MEMORY_LIMIT", - "displayName": "Memory Limit", - "description": "Maximum amount of memory the container can use.", - "value": "4Gi" - }, - { - "name": "CPU_REQUEST", - "displayName": "CPU Request", - "description": "Starting amount of CPU the container can use.", - "value": "100m" - }, - { - "name": "MEMORY_REQUEST", - "displayName": "Memory Request", - "description": "Starting amount of memory the container can use.", - "value": "2Gi" - }, - { - "description": "The endpoint used for SiteMinder routed access to the application.", - "displayName": "SiteMinder Application Domain", - "name": "SITEMINDER_APPLICATION_DOMAIN", - "value": "embcess-training.pathfinder.bcgov" - }, - { - "description": "The exposed hostname that will route to the service, e.g., myappname.pathfinder.gov.bc.ca, if left blank a value will be defaulted.", - "displayName": "Application Domain", - "name": "APPLICATION_DOMAIN", - "value": "embcess-training.pathfinder.gov.bc.ca" - }, - { - "description": "Webname for Sharepoint, e.g., pill pressdev, if left blank a value will be defaulted.", - "displayName": "Sharepoint Webname", - "name": "SHAREPOINT_WEBNAME", - "required": false, - "value": "embcess" - }, - { - "description": "Sharepoint Tenant ID and Dynamics Tenant ID, e.g., bcgovtrial.onmicrosoft.com, if left blank a value will be defaulted.", - "displayName": "AAD Tennant ID", - "name": "SHAREPOINT_AAD_TENANTID", - "required": false, - "value": "" - }, - { - "description": "Sharepoint Client ID", - "displayName": "Sharepoint Client ID", - "name": "SHAREPOINT_CLIENT_ID", - "required": false - }, - { - "description": "Sharepoint Certificate Password", - "displayName": "Sharepoint Certificate Password", - "name": "SHAREPOINT_CERTIFICATE_PASSWORD", - "required": false - }, - { - "description": "Filename for BCGovTrial.pfx, e.g., /sharepointcert/BCGovTrial.pfx, if left blank a value will be defaulted.", - "displayName": "Sharepoint Certificate Filename", - "name": "SHAREPOINT_CERTIFICATE_FILENAME", - "required": false, - "value": "" - }, - { - "description": "Boolean that shows login, e.g., true, if left blank a value will be defaulted.", - "displayName": "Show login", - "name": "SHOW_LOGIN", - "required": true, - "value": "true" - }, - { - "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name", - "value": "mssql" - }, - { - "name": "SECRET_RESOURCE_NAME", - "displayName": "Secret resource name", - "description": "Secret resource name", - "required": true, - "value": "embcess-training" - }, - { - "name": "ASPNETCORE_ENVIRONMENT", - "displayName": "AspNetCore Environment", - "description": "The ASP Net Core deployment environment setting.", - "required": true, - "value": "Test" - }, - { - "name": "BASE_URI", - "displayName": "Base Uri", - "description": "", - "required": true, - "value": "essprep" - }, - { - "name": "BASE_PATH", - "displayName": "", - "description": "", - "required": true, - "value": "/embcess" + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "labels": { + "template": "${NAME}-deployment" }, - { - "name": "SITEMINDER_LOGOUT_URL", - "displayName": "Siteminder logout URL", - "description": "Siteminder logout URL, e.g., https://logon.gov.bc.ca/clp-cgi/logoff.cgi, if left blank a value will be defaulted. Note this url is for prod and should be changed for dev and test.", - "required": true, - "value": "https://logon.gov.bc.ca/clp-cgi/logoff.cgi" + "annotations": { + "description": "Exposes and load balances the application pods." + } + }, + "spec": { + "ports": [ + { + "name": "8080-tcp", + "protocol": "TCP", + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "name": "${NAME}" }, - { - "name": "SMTP_HOST", - "displayName": "", - "description": "", - "required": true, - "value": "" + "type": "ClusterIP", + "sessionAffinity": "None" + } + }, + { + "apiVersion": "v1", + "kind": "Route", + "metadata": { + "labels": { + "app": "${NAME}" }, - { - "name": "SMTP_DEFAULT_SENDER", - "displayName": "", - "description": "", - "required": true, - "value": "" + "name": "${NAME}" + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "port": { + "targetPort": "8080-tcp" }, - { - "name": "DATABASE_SERVICE_NAME", - "displayName": "", - "description": "", - "required": true, - "value": "" + "tls": { + "insecureEdgeTerminationPolicy": "Redirect", + "termination": "edge" }, - { - "description": "Password for the MSSQL connection user.", - "displayName": "MSSQL Connection Password", - "from": "[a-zA-Z0-9]{16}", - "generate": "expression", - "name": "DB_PASSWORD", - "required": true + "to": { + "kind": "Service", + "name": "${NAME}", + "weight": 100 + } + } + }, + { + "apiVersion": "v1", + "kind": "Route", + "metadata": { + "name": "${NAME}-siteminder-route", + "labels": { + "app": "${NAME}-siteminder-route" + } + }, + "spec": { + "host": "${NAME}-${NAME}.pathfinder.bcgov", + "port": { + "targetPort": "8080-tcp" }, - { - "description": "Password for the Admin MSSQL connection user.", - "displayName": "MSSQL Admin Connection Password", - "from": "[a-zA-Z0-9]{16}", - "generate": "expression", - "name": "DB_ADMIN_PASSWORD", - "required": true + "to": { + "kind": "Service", + "name": "${NAME}", + "weight": 100 + } + } + }, + { + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + "metadata": { + "name": "${NAME}", + "labels": { + "app": "${NAME}" } - ] -} + }, + "spec": { + "scaleTargetRef": { + "kind": "DeploymentConfig", + "name": "${NAME}" + }, + "minReplicas": 2, + "maxReplicas": 6 + } + } + ], + "parameters": [ + { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the resources defined in this template.", + "required": true, + "value": "embcess-sandbox" + }, + { + "name": "SOURCE_IMAGE_NAME", + "displayName": "Source Image Name", + "description": "The name of the image to use for this resource.", + "required": true, + "value": "embcess-sandbox" + }, + { + "name": "IMAGE_NAMESPACE", + "displayName": "Image Namespace", + "description": "The namespace of the OpenShift project containing the imagestream for the application.", + "required": true, + "value": "jhnamn-tools" + }, + { + "name": "TAG_NAME", + "displayName": "Environment TAG name", + "description": "The TAG name for this environment, e.g., dev, test, prod", + "required": true, + "value": "dev" + }, + { + "name": "CPU_LIMIT", + "displayName": "CPU Limit", + "description": "Maximum amount of CPU the container can use.", + "value": "1" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "4Gi" + }, + { + "name": "CPU_REQUEST", + "displayName": "CPU Request", + "description": "Starting amount of CPU the container can use.", + "value": "100m" + }, + { + "name": "MEMORY_REQUEST", + "displayName": "Memory Request", + "description": "Starting amount of memory the container can use.", + "value": "2Gi" + }, + { + "description": "The endpoint used for SiteMinder routed access to the application.", + "displayName": "SiteMinder Application Domain", + "name": "SITEMINDER_APPLICATION_DOMAIN", + "value": "embcess-sandbox.pathfinder.bcgov" + }, + { + "description": "The exposed hostname that will route to the service, e.g., myappname.pathfinder.gov.bc.ca, if left blank a value will be defaulted.", + "displayName": "Application Domain", + "name": "APPLICATION_DOMAIN", + "value": "embcess-sandbox.pathfinder.gov.bc.ca" + }, + { + "description": "Webname for Sharepoint, e.g., pill pressdev, if left blank a value will be defaulted.", + "displayName": "Sharepoint Webname", + "name": "SHAREPOINT_WEBNAME", + "required": false, + "value": "embcess" + }, + { + "description": "Sharepoint Tenant ID and Dynamics Tenant ID, e.g., bcgovtrial.onmicrosoft.com, if left blank a value will be defaulted.", + "displayName": "AAD Tennant ID", + "name": "SHAREPOINT_AAD_TENANTID", + "required": false, + "value": "" + }, + { + "description": "Sharepoint Client ID", + "displayName": "Sharepoint Client ID", + "name": "SHAREPOINT_CLIENT_ID", + "required": false + }, + { + "description": "Sharepoint Certificate Password", + "displayName": "Sharepoint Certificate Password", + "name": "SHAREPOINT_CERTIFICATE_PASSWORD", + "required": false + }, + { + "description": "Filename for BCGovTrial.pfx, e.g., /sharepointcert/BCGovTrial.pfx, if left blank a value will be defaulted.", + "displayName": "Sharepoint Certificate Filename", + "name": "SHAREPOINT_CERTIFICATE_FILENAME", + "required": false, + "value": "" + }, + { + "description": "Boolean that shows login, e.g., true, if left blank a value will be defaulted.", + "displayName": "Show login", + "name": "SHOW_LOGIN", + "required": true, + "value": "true" + }, + { + "name": "DATABASE_SERVICE_NAME", + "displayName": "Database service name", + "description": "Database service name", + "value": "mssql" + }, + { + "name": "SECRET_RESOURCE_NAME", + "displayName": "Secret resource name", + "description": "Secret resource name", + "required": true, + "value": "embcess" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "displayName": "AspNetCore Environment", + "description": "The ASP Net Core deployment environment setting.", + "required": true, + "value": "Test" + }, + { + "name": "BASE_URI", + "displayName": "Base Uri", + "description": "", + "required": true, + "value": "essprep" + }, + { + "name": "BASE_PATH", + "displayName": "", + "description": "", + "required": true, + "value": "/embcess" + }, + { + "name": "SITEMINDER_LOGOUT_URL", + "displayName": "Siteminder logout URL", + "description": "Siteminder logout URL, e.g., https://logon.gov.bc.ca/clp-cgi/logoff.cgi, if left blank a value will be defaulted. Note this url is for prod and should be changed for dev and test.", + "required": true, + "value": "https://logon.gov.bc.ca/clp-cgi/logoff.cgi" + }, + { + "name": "SMTP_HOST", + "displayName": "", + "description": "", + "required": true, + "value": "" + }, + { + "name": "SMTP_DEFAULT_SENDER", + "displayName": "", + "description": "", + "required": true, + "value": "" + }, + { + "name": "DATABASE_SERVICE_NAME", + "displayName": "", + "description": "", + "required": true, + "value": "" + }, + { + "name": "DB_NAME", + "displayName": "", + "description": "", + "required": true, + "value": "ess" + }, + { + "description": "Password for the MSSQL connection user.", + "displayName": "MSSQL Connection Password", + "from": "[a-zA-Z0-9]{16}", + "generate": "expression", + "name": "DB_PASSWORD", + "required": true + }, + { + "description": "Password for the Admin MSSQL connection user.", + "displayName": "MSSQL Admin Connection Password", + "from": "[a-zA-Z0-9]{16}", + "generate": "expression", + "name": "DB_ADMIN_PASSWORD", + "required": true + } + ] +} \ No newline at end of file