ForgeOps

Customized Docker images

ForgeOps provides 11 Docker images for deploying the Ping Identity Platform:

  • Eight component base images:

    • amster

    • am-cdk

    • am-config-upgrader

    • ds

    • idm-cdk

    • ig

    • java-17

  • Four base images that implement the platform’s user interface elements and ForgeOps operators:

    • platform-admin-ui

    • platform-enduser-ui

    • platform-login-ui

    • secret-agent

Before you begin building custom images, ensure that you are using Java version 17 on your computer. For example:

$ java --version
openjdk 17.0.10 2024-01-16
OpenJDK Runtime Environment Temurin-17.0.10+7 (build 17.0.10+7)
OpenJDK 64-Bit Server VM Temurin-17.0.10+7 (build 17.0.10+7, mixed mode)

Building deployable ForgeOps Docker images

  1. Set up your local ForgeOps deployment environment using the forgeops env command.

    $ ./bin/forgeops env --env-name my-env
Updating existing overlay.
Helm environment dir exists, but has no values.yaml.

When creating a new environment, it’s best practice to specify a HTTPS
certificate issuer (--issuer or --cluster-issuer).
You can also skip issuer creation with --skip-issuer.
For demos, you can use 'bin/certmanager-deploy.sh' to deploy cert-manager and
create a self-signed ClusterIssuer called 'default-issuer'.


Continue using a ClusterIssuer called "default-issuer"? [Y/N] y
Using ClusterIssuer: default-issuer

  2. Select the ForgeOps image release you want to use for building your images.

    The following example uses the 2025.1.0 image release from ForgeOps and names locally as my-2025.1.0:

    $ ./bin/forgeops image --release 2025.1.0 --release-name my-2025.1.0 platform
...
Updating release file(s) for docker builds [my-2025.1.0]

  3. Copy your customized AM and IDM configuration profiles to the docker/am/config-profiles and docker/idm/config-profiles directories respectively.

    If you don’t have a ForgeOps deployment, you may not have customized configuration profiles. So you can ignore this step to create the first ForgeOps deployment.

  4. Build your custom docker images. Use the --push-to option of the forgeops build command to push the customized images to your Docker repository.

    $ ./bin/forgeops build --env-name my-env \
  --release-name my-2025.1.0 \
  --config-profile my-profile --push-to my-repo platform

    If you don’t have customized configuration profiles, then you don’t specify the --config-profile my-profile option.

    You can use the --dryrun option to validate your forgeops build command before actual execution. For example:

    $ ./bin/forgeops build --env-name my-env --release-name my-2025.1.0 platform --dryrun
...
Component 'platform' given, setting components
docker build --build-arg REPO=us-docker.pkg.dev/forgeops-public/images-base/am --build-arg TAG=2025.1.0 -t am -f .../forgeops/docker/am/Dockerfile .../forgeops/docker/am
.../forgeops/bin/commands/image -e my-env -k .../forgeops/kustomize -H .../forgeops/helm --image-repo none -b .../forgeops/docker am
docker build --build-arg REPO=us-docker.pkg.dev/forgeops-public/images-base/idm --build-arg TAG=2025.1.0 -t idm -f .../forgeops/docker/idm/Dockerfile .../forgeops/docker/idm
.../forgeops/bin/commands/image -e my-env -k .../forgeops/kustomize -H .../forgeops/helm --image-repo none -b .../forgeops/docker idm
docker build --build-arg REPO=us-docker.pkg.dev/forgeops-public/images-base/ds --build-arg TAG=2025.1.0 -t ds -f .../forgeops/docker/ds/Dockerfile .../forgeops/docker/ds
.../forgeops/bin/commands/image -e my-env -k .../forgeops/kustomize -H .../forgeops/helm --image-repo none -b .../forgeops/docker ds
docker build --build-arg REPO=us-docker.pkg.dev/forgeops-public/images-base/amster --build-arg TAG=2025.1.0 -t amster -f .../forgeops/docker/amster/Dockerfile .../forgeops/docker/amster
.../forgeops/bin/commands/image -e my-env -k .../forgeops/kustomize -H .../forgeops/helm --image-repo none -b .../forgeops/docker amster

  5. Perform a ForgeOps deployment using your customized Docker images.

If you have performed the first ForgeOps deployment, then you need to customize your configuration profiles and redo the steps from the Copying configuration files step and redeploy the ForgeOps platform with your configuration.