Configuring common parameter

Used to define,
  • ingress host sub-domain using which ingress or routes will be exposed for application servers.
  • common ingress and service configurations that are applicable to all the appServer instances.
  • common podLabels that are applied to all the pods created for the OMEnvironment CR.
The following .yaml file is a sample schema of common:
  common:
    ingress:
      host: ""
      # annotations: {}
      # labels: {}
      # className: ""
      # ssl:
        # enabled: false
        # identitySecretName: ""
    jwt:
       alias: <custom_name>
       algorithm: RS512
       audience: service
       issuer: oms
    # service:
      # annotations: {}
      # labels: {}
    # appServer:
      # ports:
        # http: 9080
        # https: 9443
    # pod:
      # podLabels: {}
      # podAnnotations: {}
    # oidc:
      # enabled: false
      # provider: " "
      # discoveryurl: " "
      # class: " "
      # uniqueClaim: sub
      # secondaryid: email
      # logouturl: " "
​
The following table explains the attributes applicable for the common parameter of OMEnvironment.
Property Default value Value type Required Description
ingress   object Yes Specify the ingress parameter. For more information about configuring ingress, see Configuring ingress parameter.
appServer.ports.http 9080 integer Yes Specify the HTTP container port for Liberty application server.
appServer.ports.https 9443 integer Yes Specify the HTTPS container port for Liberty application server.
jwt.audience service string Yes Specify to whom you intend to send the JWT token.
jwt.issuer oms string Yes Specify an issuer name when creating a JWT token for the current user.
jwt.algorithm RS512 string Yes Specify the algorithm that is used for signing the JWT token.
Note: Ensure that the jwt.audience, jwt.issuer, and jwt.algorithm parameters match with the configuration that is provided during Sterling Order Management System Software deployment.
jwt.alias   string No Specify a custom name for the JWT when defining your own key-pair.
service.annotations   object No Specify the additional annotations for service resource.
service.labels   object No Specify the additional labels for service resource.
pod.podLabels "" (volumes's root) object No Specify any additional labels for pod as key-value pair.
Note: These pod labels are also copied to deployments.
pod.podAnnotations   object No Specify any additional annotations for pod as key-value pair.

Configuring ingress parameter

The following table explains the attributes applicable for the ingress parameter of common.
Property Default value Value type Required Description
ingress.annotations   object No Specify any additional annotations for ingress or routes resource as key-value pair.
ingress.labels   object No Specify any additional labels for ingress or routes resource as key-value pair.
ingress.host   string No Specify the domain name to which the service is exposed to.
ingress.ssl   object No Specify the ingress SSL configurations.
ingress.ssl.enabled   boolean Yes, when ingress.ssl is specified. Specify whether SSL is enabled for ingress or not.
ingress.className nginx string No Specify the ingress class name.
ingress.customDomains   array No Specify a list of custom domains with one or more Fully Qualified Domain Names (FQDNs) over which your application is exposed. For more information, see Creating multiple ingress hosts by using customDomains.
ingress.ssl.identitySecretName   string No Specify the name of the secret holding TLS certificate to be used as identity for ingress or routes. The ingress or route URL will present this TLS certificate to the clients.

Configuring OIDC parameter

The following table explains the attributes for the OIDC parameters.
Property Default value Value type Required Description
oidc.enabled false string No Enable or disable OIDC.
oidc.provider   string Yes Specify the OIDC provider name.
oidc.discoveryurl   string Yes Specify the OIDC discovery URL.
oidc.class   string No Specify the OIDC class.
oidc.uniqueClaim sub string No Specify the OIDC unique claim details.
oidc.secondaryid email string No Specify the secondary ID.
oidc.logouturl   string Yes Specify the OIDC logout URL.