Enabling the IDM Workflow with ForgeOps v7.x
Author: Hope Sun
Created at: Sep 2023
Updated at: Oct 2023
Introduction
IDM embeds a Flowable Process Engine that initializes in the OSGi container. Workflows are not active by default. This article shows how to enable workflow using a MySQL database as the data source.
Prerequisites
This article assumes the following:
- You have a MySQL database created. Check the Appendix for detailed steps if you have not set it up.
- You have deployed the ForgeRock Identity Platform using the CDK deployment pattern as described in the documentation: Cloud Developer’s Kit Documentation, ForgeOps Documentation (https://backstage.forgerock.com/docs/forgeops/7.1/cdk/overview.html).
Note: The CDK is a minimal sample deployment of the ForgeRock Identity Platform on Kubernetes that you can use for demonstration and development purposes.
Steps to configure workflow
IDM needs two configuration files to activate the workflow bundle:
- workflow.json (the Flowable engine configuration, including the data source).
- datasource.jdbc-default.json (the default data source for Flowable).

- Export config:
  `./config export idm my-profile --sort`
  This step will create a directory named my-profile:
  forgeops/docker/idm/config-profiles/my-profile
- Get the following files from the on-prem environment and copy them to forgeops/docker/idm/config-profiles/my-profile/conf:
  - endpoint-getavailableuserstoassign.json
  - endpoint-getprocessesforuser.json
  - endpoint-gettasksview.json
  - process-access.json
- Create workflow.json and datasource.jdbc-myflow.json in the forgeops/docker/idm/config-profiles/my-profile/conf directory:
  workflow.json
  {
    "groupResource": {
      "path": "managed/group",
      "queryFilter": "/id eq \"${gid}\""
    },
    "useDataSource": "myflow",
    "userResource": {
      "path": "managed/user",
      "queryFilter": "/userName eq \"${username}\""
    },
    "workflowDirectory": "&{idm.instance.dir}/workflow"
  }
  Note: The useDataSource value (myflow) needs to match the suffix in the file name datasource.jdbc-myflow.json.
  datasource.jdbc-myflow.json
  {
    "connectionPool": {
      "maximumPoolSize": 50,
      "minimumIdle": 20,
      "type": "hikari"
    },
    "connectionTimeout": 30000,
    "databaseName": "openidm",
    "driverClass": "com.mysql.jdbc.Driver",
    "jdbcUrl": "jdbc:mysql://openidm.:10.x.x.x:3306/openidm?allowMultiQueries=true&characterEncoding=utf8&useSSL=false",
    "password": "yourpassword",
    "username": "openidm"
  }
- Create the workflow directory and copy the sample .bar files into it:
  `mkdir -p forgeops/docker/idm/config-profiles/my-profile/workflow`
  `cp managedUserApproval.bar contractorOnboarding.bar forgeops/docker/idm/config-profiles/my-profile/workflow/`
- Modify forgeops/docker/idm/Dockerfile by adding the following line:
  COPY --chown=forgerock:root mysql-connector-java-5.1.48-bin.jar /opt/openidm/bundle
- Download the MySQL connector jar (mysql-xversion.jar) and copy it to forgeops/docker/idm:
  mysql-connector-java-5.1.48-bin.jar
- Push the change to the Docker repo and rebuild IDM:
  `./forgeops build idm --config-profile my-profile --push-to none`
  `./forgeops delete idm`
  `./forgeops install idm --cdk`
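A pre-build check for the two files created in the steps above, as an added example that is not part of the original article or of ForgeOps: it verifies that useDataSource in workflow.json resolves to a datasource.jdbc-<name>.json file, and flags useSSL=false and a literal password in that file. The function names, the host db.example.internal, the property name in the usage note, and the rule that a password without &{...} property substitution counts as a literal are assumptions of this example.

```python
import json
import tempfile
from pathlib import Path
from urllib.parse import parse_qs


def check_profile(conf_dir):
    """Return a list of findings for the workflow config files in conf_dir."""
    conf = Path(conf_dir)
    wf_path = conf / "workflow.json"
    if not wf_path.is_file():
        return ["workflow.json is missing"]
    name = json.loads(wf_path.read_text()).get("useDataSource")
    if not name:
        return ["workflow.json has no useDataSource"]
    ds_path = conf / f"datasource.jdbc-{name}.json"
    if not ds_path.is_file():
        return [f"useDataSource '{name}' has no {ds_path.name}"]
    ds = json.loads(ds_path.read_text())
    findings = []
    # Connector options follow '?' in the JDBC URL; parse them as a query string.
    query = ds.get("jdbcUrl", "").partition("?")[2]
    opts = {k.lower(): v[-1].lower() for k, v in parse_qs(query).items()}
    if opts.get("usessl") == "false":
        findings.append("jdbcUrl sets useSSL=false, so database traffic is not encrypted")
    # Assumption: a password without &{...} substitution is a literal secret.
    if "&{" not in ds.get("password", ""):
        findings.append("password is stored as a literal in the config profile")
    return findings


def run_sample(ds_name="myflow", password="yourpassword", use_ssl="false"):
    """Write constructed sample files modelled on the article and check them."""
    with tempfile.TemporaryDirectory() as tmp:
        conf = Path(tmp)
        (conf / "workflow.json").write_text(json.dumps({"useDataSource": "myflow"}))
        (conf / f"datasource.jdbc-{ds_name}.json").write_text(json.dumps({
            # db.example.internal is a constructed placeholder host
            "jdbcUrl": "jdbc:mysql://db.example.internal:3306/openidm"
                       f"?allowMultiQueries=true&useSSL={use_ssl}",
            "username": "openidm",
            "password": password,
        }))
        return check_profile(conf)


if __name__ == "__main__":
    for finding in run_sample():
        print("FINDING:", finding)
```

Call check_profile() on forgeops/docker/idm/config-profiles/my-profile/conf before running the build step; a password written as a property reference such as &{workflow.db.password} (a hypothetical property name) passes the literal-password check.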