ricardozanini commented on code in PR #721: URL: https://github.com/apache/incubator-kie-kogito-docs/pull/721#discussion_r2076217611
########## serverlessworkflow/modules/ROOT/pages/cloud/operator/gitops-profile.adoc: ########## @@ -0,0 +1,124 @@ += GitOps Profile +:compat-mode!: +// Metadata: +:description: Using GitOps profile for deploying SonataFlow workflows in production environments +:keywords: sonataflow, workflow, serverless, operator, kubernetes, gitops, cicd +// Links: +:rh_jdk17_url: https://catalog.redhat.com/software/containers/ubi9/openjdk-17/61ee7c26ed74b2ffb22b07f6 + +This document describes how to use the GitOps profile for deploying {product_name} workflows in production environments. + +== Recommended for Production + +Using the GitOps profile is recommended for production environments. It provides complete control over workflow image builds, enabling compliance, security, and seamless integration into your existing CI/CD pipelines. + +== Workflow Image Structure + +The GitOps profile uses container images based on the link:{rh_jdk17_url}[Red Hat OpenJDK 17 UBI 9] runtime. You can review its documentation for detailed information about the image architecture. + +The table below highlights important paths in the container image file system. + +.Important file system paths +[cols="1,1"] +|=== +|Path | Description + +|`/deployments` +|Application deployment directory containing Quarkus application components + +|`/deployments/lib` +|Directory for application libraries + +|`/deployments/app` +|Directory for application-specific resources + +|`/deployments/quarkus` +|Quarkus-specific configuration files + +|=== + +== Building Workflow Container Images + +Below is an example Dockerfile illustrating how to build a container image using the GitOps profile. + +.Example Dockerfile +[source,dockerfile,subs="attributes+"] +---- +FROM {sonataflow_builder_imagename}:{operator_version} AS builder <1> + +ARG QUARKUS_EXTENSIONS +ARG QUARKUS_ADD_EXTENSION_ARGS +ARG MAVEN_ARGS_APPEND + +COPY --chown=1001 . ./resources <2> + +RUN /home/kogito/launch/build-app.sh ./resources <3> + +FROM registry.access.redhat.com/ubi9/openjdk-17-runtime:latest <4> + +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' + +COPY --from=builder --chown=185 /home/kogito/serverless-workflow-project/target/quarkus-app/lib/ /deployments/lib/ <5> +COPY --from=builder --chown=185 /home/kogito/serverless-workflow-project/target/quarkus-app/*.jar /deployments/ +COPY --from=builder --chown=185 /home/kogito/serverless-workflow-project/target/quarkus-app/app/ /deployments/app/ +COPY --from=builder --chown=185 /home/kogito/serverless-workflow-project/target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" +---- + +<1> Base builder image +<2> Copy workflow resources +<3> Build the workflow application +<4> Base runtime image +<5> Copy built application components to deployment directories + +== Pushing to Container Registry + +Push the built container image to your registry: + +[source,shell] +---- +docker push your-registry/my-workflow:tag +---- + +== Deploying the Workflow + +Configure your SonataFlow Custom Resource to use the built container image: + +[source,yaml] +---- +apiVersion: sonataflow.org/v1alpha08 +kind: SonataFlow +metadata: + annotations: + org.sonataflow/profile: gitops Review Comment: Yes, this is the correct: https://github.com/apache/incubator-kie-tools/blob/main/packages/sonataflow-operator/api/metadata/annotations.go#L23 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
