Get Started section
* 'Configuring Keystores' one (covered as 'Creating HTTPS and JGroups Keystores, ...'
in Advanced Concepts section),
* 'Generating Secrets' one (covered as 'Secrets' subsection in Advanced Concepts),
* 'Creating the Service Account' one. Not needed at all (OCP 3.10 and 3.11 doesn't
need it anymore),
* 'Using the OpenShift Web Console' one (covered as 'Deploying the Chosen {project_name}
Passthrough TLS Template...' in Advanced Concepts sections, together with providing
real expected values for these variables),
* 'Routes' one (since RH-SSO 7.3 doesn't use Passthrough TLS by default any more. The
various supported TLS (reencrypt, passthrough) are described in
'1.1. What Is Red Hat Single Sign-On?' section)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* Move 'Example Deploying SSO' back from Tutorials to Get Started section to:
* Align with the form this section has in RH-SSO 7.2 image doc,
* Bring the getting_started.adoc changes from this commit:
f61cfad51e (diff-74a6baa8904aeee687e9db2c263b9b47)
back to the get_started.adoc file, which is now used instead
of the getting_started.adoc one
* Drop duplicate 'Accessing the Administrator Console' section
from Advanced Concepts
* Comment out the Keystores, Secrets sections in Get Started
since it's covered in Advanced Concepts now
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
reference to latest OCP version install
OpenShift Primer is very outdated (recommends OpenShift Enterprise v3.2 yet),
while latest OCP version is v3.11. As such, the recommended OpenShift Primer
steps aren't working to get fresh OCP install up & running
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
paragraph from the 'Get Started' section
Keep the copy present in 'Advanced Concept's section, because it is more
updated & already present part of the book dedicated to advanced topics
(see 7.2 guide for reference)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
section and 'Limitations' section from the 'Get Started' book section
Keep them in the 'Advanced Concepts' section, since this is the one
where these two belongs (see 7.2 guide for reference)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Keep it in the 'Advanced Concepts' section, since that's the one, where it belongs
(see 7.2 guide for reference)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* Whitelist .../templates/${resource} link for both RH-SSO 7.3 TP CD & RH-SSO 7.3 products,
* Replace '[subs="verbatim,macros,attributes"]' with '[source,bash,subs="attributes+,macros+"]'
The 'macros+' field is needed in order also constructs like 'pass:quotes[_user-name_]' got
expanded correctly,
* Replace deprecated 'oc env' command with its new "oc set env" equivalent,
* Replace deprecated 'oadm' command with its new "oc adm" equivalent,
* Escape selected https:// links, so they wouldn't end up rendered as <link xlink=...>
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Refactor the automatic & manual database migration sections not to be tied that much to a
specific, previous RH-SSO image version in order to these two attributes not to be needed
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
with their parametrized version
Also drop mention about EAP 7.0 images / templates, since
these are deprecated (see CLOUD-2699 / CLOUD-2678 for details)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
in the documentation, so various versions can be used
Also, use "[subs="verbatim,macros,attributes"]" as the default
for code sections in the documentation. Escape '<', '>', '+'
special characters, where necessary for proper rendering of
final documentation
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Also add additional steps to 'Advanced Concepts' section, on how
to configure `fixed` hostname SPI provider
Also address the issue pointed out during the review by Matthew.
Thanks, Matthew!
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
documentation section updates:
* Add details on how to pull images from Red Hat Terms Based Registry (registry.redhat.io),
* Update list of RH-SSO templates to the latest one, templates tag to the latest 'v.1.4.16'
one, and RH-SSO 7.2 images tag to the latest '1.2' one
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
encryption protocol, which is the default setting for the
templates using re-encrypt TLS termination
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Substitute:
* 'redhat-sso72-openshift:1.0' with 'redhat-sso72-openshift:1.1',
* 'ose-v1.4.9' tag with (upcoming) 'ose-v1.4.11' tag
Also update the command to install the updated templates
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Mention the newly introduced RH-SSO 7.2 x509
application templates on appropriate places
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Move "Binary Builds" tutorial out of
Getting Started section to Tutorials section
Also rename it to:
"Example Workflow: Create OpenShift Application that Authenticates
Using Red Hat Single Sing-On from Existing Maven Binaries"
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Rename 'Get Started' section to 'Advanced Concepts'
(we will introduce a new, refactored 'Getting Started' section soon)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Bring the refactored 'Getting Started' section
back to the docs
Make it contain the most simplistic example, how to deploy RH-SSO
server
Refactor the 'Advanced Concepts' section to guide:
* How to generate keystores, truststore, and secrets for passthroug
TLS RH-SSO application templates,
* Also provide example, how the passthrough TLS template can be
deployed once keystores and secrets are created
Remove the necessary sections from former 'tutorials' content,
that have been used:
* Either in the new 'Getting Started' section, or
* In the new 'Advanced Concepts' section
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Address issues pointed out by Matthew during PR
review. Thanks for them, Matthew!
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6648] Align the definition of HTTPS, JGroups keystores,
and the truststore for the RH-SSO server in the application templates
with their definition in the documentation
Also provide example how to obtain certificate names from keystores
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
* [KEYCLOAK-6650] Clarify in the Introduction section, that
for the x509 re-encrypt templates the JGroups keystore isn't
generated, and AUTH protocol is used for cluster traffic
authentication
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>