Recently I came across tektoncd project, The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD-style pipelines caught my attention, and I started playing with it.
Basic Concepts # To create a Tekton pipeline, one does the following:
Create custom or install existing reusable Tasks Create a Pipeline and PipelineResources to define your application’s delivery pipeline Create a PipelineRun to instantiate and invoke the pipeline Installing Tekton on OpenShift # Log in as a user with cluster-admin privileges.
I recently worked on a React project with Go backend using Gin web framework. Keycloak was the authentication mechanism for the front end; I also wanted to secure the back end using JSON Web Tokens, which Keycloak provided on every login. JWT verification setup in the Go application was easy.
First, copy the RS256 algorithm public key value from Keycloak.
Send the token as an Authorization header.
axios .get(BACKEND_URL.concat("sampleendpoint"), { headers: { Authorization: this.
This post will show you how to secure a React app using RedHat SSO (upstream Keycloak). In this case, OpenID-connect is my identity provider.
Install the official Keycloak js adapter
npm i keycloak-js --save Add host and port information to the client; in my case, it’s localhost:9000
In App.js, add a JavaScript object with the required configuration; you will find these configurations under Clients->Installation.
//keycloak init options const initOptions = { url: "https://localhost:8080/auth", realm: "test", clientId: "react-app", onLoad: "login-required" }; By default, to authenticate, you need to call the login function.
Recently I encountered a JWT token expired error on the heketi pod in the OpenShift cluster.
[jwt] ERROR 2019/07/16 19:17:14 heketi/middleware/jwt.go:66:middleware.(*HeketiJwtClaims).Valid: exp validation failed: Token is expired by 1h48m59s After a lot of google searches, I synchronized clocks across the pod running heketi and the master nodes, which solved the issue
ntpdate -q 0.rhel.pool.ntp.org; systemctl restart ntpd
To order to integrate Patternfly framework into a ReactJS application, create a new project or use an existing one
npx create-react-app patternfly-setup-react Install patternfly dependencies react-core, react-table and patternfly
npm i --save @patternfly/patternfly \ @patternfly/react-core @patternfly/react-table Note: Import base.css and patternfly.css in your project, or some components may diverge in appearance
//These imports are a must to render CSS import "@patternfly/react-core/dist/styles/base.css"; import "@patternfly/patternfly/patternfly.css"; To make sure everything is working correctly, update App.
This post demonstrates how to authenticate a user against LDAP.
Let’s start by installing basic-auth and ldapauth-fork packages
npm install ldapauth-fork npm install basic-auth Steps for implementation;
Add packages Create an LDAP variable with authentication configuration Basic auth should prompt for your username and password. Once the user is found, verify the given password by trying to bind the user client with the found LDAP user object and the given password.
Recently I faced an issue where one of my projects got stuck in a terminating state for days. The workaround below fixed the problem.
Export OpenShift project as a JSON Object
oc get project delete-me -o json > ns-without-finalizers.json Replace below from
spec: finalizers: - kubernetes to
spec: finalizers: [] On one of the master nodes, execute these commands.
kubectl proxy & PID=$! curl -X PUT http://localhost:8001/api/v1/namespaces/delete-me/finalize \ -H "Content-Type: application/json" --data-binary @ns-without-finalizers.
Spring Boot Metrics # This post will discuss how to monitor spring boot application metrics using Prometheus and Grafana.
Prometheus # Prometheus is a monitoring system that collects metrics from configured targets at intervals.
Grafana # Grafana is an open-source metric analytics & visualization tool.
Micrometer # The micrometer is a metrics instrumentation library for JVM-based applications.
Spring Boot Actuator # Spring Boot Actuator helps you monitor and manage your application when it’s pushed to production.
This post concerns remote debugging an ASP.NET Core application on OpenShift using Visual Studio Code. You can use any Microsoft proprietary debugger engine vsdbg with Visual Studio Code.
First, list the available .Net application pods using the oc command.
$ oc get pod NAME READY STATUS RESTARTS AGE MY_APP_NAME-3-1xrsp 0/1 Running 0 6s $ oc rsh MY_APP_NAME-3-1xrsp sh-4.2$ curl -sSL https://aka.ms/getvsdbgsh | bash /dev/stdin -v latest -l /opt/app-root/vsdbg -r linux-x64 Note: If your container is running behind a corporate proxy and cannot access the internet, you’ll have to build a base dotnet image with the installed debugger engine vsdbg.
This post will discuss debugging a JAVA application running inside a container.
Red Hat container images # When you bootstrap your JVM, you should have a way to enable JVM to debug. For example, Red Hat S2I images allow you to control classpath and debugging via environment variables.
# Set debug options if required if [ x"${JAVA_DEBUG}" != x ] && [ "${JAVA_DEBUG}" != "false" ]; then java_debug_args="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=${JAVA_DEBUG_PORT:-5005}" fi Setting the JAVA_DEBUG environment variable inside the container to true will append debug args to the JVM startup command Configure port forwarding so that you can connect to your application from a remote debugger If you are using the tomcat image, replace the JAVA_DEBUG environment variable with DEBUG