Improve deployments to Production environments by first building an image in a Test environment that contains custom workflow/application data, permissions, configurations, and customizations, then deploy the complete container to Production. This "black box" container will provide consistent deployments and improved resiliency and redundancy. Gateway customers write their custom workflows, who want a better way to deploy to production, reduce manual changes, and maintain container resiliency. To add built-in workflows to a container, you must copy the workflows and the associated files to the /builtin folder via the copy command in Dockerfile.
Starting in BlueCat Gateway v20.12.1, Gateway transitions from providing
/portal/builtin as a location for workflow developers to
include workflows inside the image to providing
/builtin as a
location for including a full workspace inside the container. The
Built-in workspace is not intended to be mounted, rather,
it is a location to use when a new image is created based on a Gateway image. It is
a recommended location for the workflow developers to add their content.
- Built-in workflows cannot be deleted, exported, or imported.
- Starting in BlueCat Gateway v21.5.1, the Built-in
workspace supports the following:
- Group Settings
- IdP SSL certificate
- TSIG key
- Create a local directory for the files that you want to include in /builtin inside the container.
Create a subfolder for each workflow within this folder. In the example below,
a subfolder for the add alias record workflow is created.
The structure of the
builtin/ workspace should match with the custom workspace
/bluecat_gateway. For example:
If adding an SSO configuration to
/builtin, you must add both the
Add all desired workflows to the subfolders.
following script in a Dockerfile:
FROM quay.io/bluecat/gateway:21.8.1 USER root # you can add any other 3rd party libraries here e.g # RUN pip3 install openpyxl==3.0.5 COPY ./workflows/ /builtin/workflows/ COPY ./config.py /builtin/ COPY ./permissions.json /builtin/ # Ensure the content is available if the container is run with a custom User ID. RUN \ chgrp -R 0 /builtin && \ chmod -R g=u /builtin USER flaskNote: Your file must be named Dockerfile. For more information on Dockerfiles, refer to the official Docker documentation (docs.docker.com).Note: All folders and files added to the
/bluecat_portalfolders should have rwx permissions.Attention: If you add the configuration and permissions files to both the /builtin and the
bluecat_portalfolders, the settings in the
bluecat_portalfolder are used.
Navigate to the directory that you created in step 1 and run the following
docker buildcommand to create an image using the Dockerfile:
docker build . -t <custom_project:some_version>An image called
custom_project:some versionis created.
Instantiate the container by running the
docker runcommand using
docker run -d \ -p 80:8000 \ -p 443:44300 \ -v <path_to_mapped_data_directory>:/bluecat_gateway/ \ -v <path_to_mapped_log_directory>:/logs/ \ -e BAM_IP=<your bam ip> \ --name bluecat_gateway custom_project:some_version
- Log in to BlueCat Gateway.
- Optional: (Perform this step only if you don't have built-in configurations and permissions). Set permissions accordingly to each workflow. Once you set permissions to each workflow, all workflows are listed in the left navigation bar.