update

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: imxc
+version: 0.1.0

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/scripts/init-api-server.sh

@@ -0,0 +1,16 @@
+#! /bin/sh
+
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 200 ]; then
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  chmod -R 777 /home/cloudmoa/notification/cloudmoa_alert.log
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 404 ]; then
+  echo "not found exem relam. check realm in imxc-keycloak"
+else
+  echo "not found keycloak. check to install keycloak"
+fi

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/scripts/init-auth-server.sh

@@ -0,0 +1,36 @@
+#! /bin/bash
+
+# 200 -> 서버 및 realm이 있는 경우
+# 404 -> 서버는 있으나 realm이 없는 경우
+# 000 -> 서버가 없음
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 404 ]; then
+  TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=admin" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')"
+  
+  echo $TOKEN
+
+  echo "create realm and client"
+  # create realm and client
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d "@/tmp/init.json" http://imxc-keycloak-http/auth/admin/realms
+
+
+  echo "create admin and owner"
+  # create admin and owner
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{"firstName":"","lastName":"", "username":"admin","email":"admin@example.com", "enabled":"true","credentials":[{"type":"password","value":"admin","temporary":false}]}' http://imxc-keycloak-http/auth/admin/realms/exem/users
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{"firstName":"","lastName":"", "username":"owner","email":"owner@example.com", "enabled":"true","credentials":[{"type":"password","value":"admin","temporary":false}]}' http://imxc-keycloak-http/auth/admin/realms/exem/users
+
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 200 ]; then
+  echo "exist exem relam"
+
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+else
+  echo "not found keycloak. check to install keycloak"
+fi

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/scripts/init-noti-server.sh

@@ -0,0 +1,14 @@
+#! /bin/sh
+
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 200 ]; then
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 404 ]; then
+  echo "not found exem relam. check realm in imxc-keycloak"
+else
+  echo "not found keycloak. check to install keycloak"
+fi

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/scripts/init-resource.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+chmod -R 777 /scripts
+
+sed -i "s/localhost/$REDIRECT_URLS/g" /scripts/init.json
+cp /scripts/init.json /tmp/init.json

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/templates/imxc-ui-config.yaml

@@ -0,0 +1,44 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: imxc-ui-config
+  namespace: imxc
+
+data:
+  properties.file: |
+    api.url = {{ .Values.global.SERVELET_URL_PROTOCOL }}://{{ .Values.global.ZUUL_SERVER_IP }}:{{ .Values.global.ZUUL_SERVER_PORT }}
+  config.js: |
+    window.appEnv = {
+        offlineAccess: "{{ .Values.global.OFFLINEACCESS }}",
+        backLogin: "{{ .Values.global.BACKLOGIN }}",
+        // Env Settings servletURL
+        servletURL: "{{ .Values.global.SERVELET_URL_PROTOCOL }}://{{ .Values.global.ZUUL_SERVER_IP }}:{{ .Values.global.ZUUL_SERVER_PORT }}",
+        // Env Settings socketURL
+        socketURL: "http://{{ .Values.global.NOTI_SERVER_IP }}:{{ .Values.global.NOTI_SERVER_PORT }}/ui-server-websocket",
+        // Env Settings interMaxURL
+        // ex) ~/intermax/?paConnect=1&paType=ResponseInspector&fromTime=1556096539206&toTime=1556096599206&serverName=jeus89
+        interMaxURL: "",
+        manualURL: "http://{{ .Values.global.CMOA_MANUAL_SERVER_IP }}:{{ .Values.global.CMOA_MANUAL_PORT }}",
+        // Env Settings CloudMOA Version
+        version: '{{ .Values.global.CLOUDMOA_VERSION }}',
+        loginType: 'keycloak',
+        keyCloak: {
+             "realm": "{{ .Values.global.KEYCLOAK_REALM }}",
+             "auth-server-url": "{{ .Values.global.KEYCLOAK_AUTH_SERVER_URL }}",
+             "ssl-required": "none",
+             "resource": "{{ .Values.global.KEYCLOAK_RESOURCE }}",
+             "public-client": true,
+             "confidential-port": 0
+           },
+        // refreshTime: '4', // 리로드 주기 설정 4로 설정시 새벽 4시에 리로드 하게 됨
+    	intervalTime: { // 5의 배수여야만 함
+          short: 5,
+          medium: 10,
+          long: 60,
+        },
+    	// excludedContents: {
+          // anomalyScoreSettings: true, // entity black list setting page
+          // anomalyScoreInSidebar: true, // anomaly score in side bar
+        // },
+        serviceTraceAgentType: 'jspd'
+    };

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/templates/imxc-ui-server.yaml

@@ -0,0 +1,63 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: imxc-ui-service
+  namespace: imxc
+spec:
+  type: NodePort
+  selector:
+    app: imxc-ui
+  ports:
+  - protocol: TCP
+    name: ui
+    port: 80
+    targetPort: 9999
+    nodePort: 31080
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: imxc-ui
+  namespace: imxc
+  labels:
+    app: imxc-ui
+spec:
+  revisionHistoryLimit: 0
+  replicas: 1
+  selector:
+    matchLabels:
+      app: imxc-ui
+  template:
+    metadata:
+      labels:
+        app: imxc-ui
+    spec:
+      containers:
+      - name: imxc-ui
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/ui-server:{{ .Values.global.UI_SERVER_VERSION }}
+        resources:
+          requests:
+            cpu: 100m
+            memory: 50Mi
+          limits:
+            cpu: 200m
+            memory: 100Mi
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 80
+        volumeMounts:
+          - name: config-profile
+            mountPath: /usr/src/app/web/env
+          - name: config-server
+            mountPath: /usr/src/app/config
+      volumes:
+        - name: config-profile
+          configMap:
+            name: imxc-ui-config
+            items:
+              - key: "config.js"
+                path: "config.js"
+        - name: config-server
+          configMap:
+            name: imxc-ui-config

roles/cmoa_install/files/06-imxc-ui/imxc-ui-jspd/values.yaml

@@ -0,0 +1,94 @@
+# Default values for imxc.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: 10.10.31.243:5000/cmoa3/nginx
+  tag: stable
+  pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths: []
+
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+global:
+  INTERMAX_IP: 
+  SERVELET_URL_PROTOCOL : http
+  DEMO_SERVELET_URL_PROTOCOL : http
+  KEYCLOAK_AUTH_SERVER_URL: http://111.111.111.111:31082/auth
+  KEYCLOAK_RESOURCE: authorization_server
+  KEYCLOAK_REALM: exem
+
+  IMXC_IN_REGISTRY: 10.10.31.243:5000/cmoa3
+
+  ZUUL_SERVER_IP: 111.111.111.111
+  ZUUL_SERVER_PORT: 31081
+
+  NOTI_SERVER_IP: 111.111.111.111
+  NOTI_SERVER_PORT: 31083
+
+  CMOA_MANUAL_SERVER_IP: 111.111.111.111
+  CMOA_MANUAL_PORT: 31090
+
+  OFFLINEACCESS: false
+  BACKLOGIN: false
+
+  CLOUDMOA_VERSION: rel0.0.0
+  UI_SERVER_VERSION: rel0.0.0 
+  CMOA_MANUAL_VERSION: rel0.0.0