Usecase "Hybrid - OIDC": Deploy an API secured with OpenID Connect on self-managed APIcast and 3scale on-premises
In this usecase, a Jenkins pipeline will deploy an API described by an OpenAPI Specification file on a 3scale SaaS instance with self-managed APIcast and on a 3scale on-prem instance. The API is secured using OpenID Connect as requested in the OAS.
Make sure you completed the SETUP guide.
Use the provided OpenShift template to install the Jenkins pipeline configured to target 3scale SaaS:
oc process -f hybrid-usecase-oidc/setup.yaml \
-p DEVELOPER_ACCOUNT_ID="$SAAS_DEVELOPER_ACCOUNT_ID" \
-p PRIVATE_BASE_URL="http://$BEER_CATALOG_HOSTNAME" \
-p TARGET_INSTANCE=3scale-saas \
-p PUBLIC_STAGING_WILDCARD_DOMAIN="$APICAST_SELF_MANAGED_STAGING_WILDCARD_DOMAIN" \
-p PUBLIC_PRODUCTION_WILDCARD_DOMAIN="$APICAST_SELF_MANAGED_PRODUCTION_WILDCARD_DOMAIN" \
-p OIDC_ISSUER_ENDPOINT="https://$CLIENT_ID:$CLIENT_SECRET@$SSO_HOSTNAME/auth/realms/$REALM" \
-p NAMESPACE="$TOOLBOX_NAMESPACE" |oc create -f -Use the provided OpenShift template to install the Jenkins pipeline configured to target 3scale on-prem:
oc process -f hybrid-usecase-oidc/setup.yaml \
-p DEVELOPER_ACCOUNT_ID="$ONPREM_DEVELOPER_ACCOUNT_ID" \
-p PRIVATE_BASE_URL="http://$BEER_CATALOG_HOSTNAME" \
-p TARGET_INSTANCE=3scale-onprem \
-p PUBLIC_STAGING_WILDCARD_DOMAIN="$APICAST_ONPREM_STAGING_WILDCARD_DOMAIN" \
-p PUBLIC_PRODUCTION_WILDCARD_DOMAIN="$APICAST_ONPREM_PRODUCTION_WILDCARD_DOMAIN" \
-p OIDC_ISSUER_ENDPOINT="https://$CLIENT_ID:$CLIENT_SECRET@$SSO_HOSTNAME/auth/realms/$REALM" \
-p DISABLE_TLS_VALIDATION=yes \
-p NAMESPACE="$TOOLBOX_NAMESPACE" |oc create -f -Deploy the API to 3scale SaaS:
oc start-build hybrid-usecase-oidc-3scale-saasDeploy the API to 3scale on-prem:
oc start-build hybrid-usecase-oidc-3scale-onprem