Docker: ibmcom/ibm-fhir-schematool supports onboarding and offboarding of a schema in support of the IBM FHIR Server. I am working on a project that runs on OpenShift using CodeReadyContainers, and I needed to test the image with a restricted policy.
Note, these are roughly my notes from testing, and converted to a post.
Recipe
-
Start up Code Ready Containers or create your OpenShift environment.
-
Connect to the Docker registry in CRC
docker login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing
- Build your Docker image with a new tag
docker build . -t default/ibm-fhir-schematool:latest
docker push default/ibm-fhir-schematool:latest
- Login to OpenShift
oc login -u $(oc whoami) -p $(oc whoami -t)
- Create a new persistence.json using one of the examples as a template
oc create secret generic persistence-json --from-file=persistence-onboard-example.json -n=default
- Add the restricted policy to the
developer
user.
oc adm policy add-scc-to-user restricted developer
- Add the
developer
user to thedefault
namespace.
oc adm policy add-role-to-user edit developer -n=default
- Make the locak registry lookup use relative names
oc set image-lookup --all
- Create a new pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: ibm-fhir-server-schematool
spec:
containers:
- name: test-container
image: default/ibm-fhir-schematool
env:
- name: ENV_TOOL_INPUT
valueFrom:
secretKeyRef:
name: persistence-json
key: persistence-onboard-example.json
- Create the pod.
oc apply -f pod.yaml --as=developer -n=default
- Check the logs, and you should see a successful run.
oc logs pod/ibm-fhir-server-schematool