diff --git a/deploy/conf-secrets/install.sh b/deploy/conf-secrets/install.sh index 66428fc5e5a..8645e88ae26 100755 --- a/deploy/conf-secrets/install.sh +++ b/deploy/conf-secrets/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=conf-secrets -CHART_VERSION=1.3.0-develop +CHART_VERSION=1.3.0 echo Create $NS namespace kubectl create ns $NS diff --git a/deploy/config-server/install.sh b/deploy/config-server/install.sh index 4d0d2740420..a67c5545dbe 100755 --- a/deploy/config-server/install.sh +++ b/deploy/config-server/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=config-server -CHART_VERSION=1.3.0-develop +CHART_VERSION=1.3.0 read -p "Is conf-secrets module installed?(Y/n) " conf_installed diff --git a/deploy/kernel/install.sh b/deploy/kernel/install.sh index e1626250e0d..a72301a6dfe 100755 --- a/deploy/kernel/install.sh +++ b/deploy/kernel/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=kernel -CHART_VERSION=1.3.0-develop +CHART_VERSION=1.3.0 echo Create $NS namespace kubectl create ns $NS diff --git a/helm/conf-secrets/Chart.yaml b/helm/conf-secrets/Chart.yaml index d7b4ac7492e..d8b9b90c863 100644 --- a/helm/conf-secrets/Chart.yaml +++ b/helm/conf-secrets/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: conf-secrets description: A Helm chart for deploying secrets required by MOSIP config-server type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: 1.1.2 dependencies: - name: common diff --git a/helm/config-server/Chart.yaml b/helm/config-server/Chart.yaml index f3f8eb73111..eeea9c3542e 100644 --- a/helm/config-server/Chart.yaml +++ b/helm/config-server/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: config-server description: A Helm chart for configuration of MOSIP modules type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: 1.1.2 dependencies: - name: common diff --git a/helm/config-server/values.yaml b/helm/config-server/values.yaml index 8d3bee9faf9..6f8e506e85f 100644 --- a/helm/config-server/values.yaml +++ b/helm/config-server/values.yaml @@ -3,17 +3,14 @@ # Declare variables to be passed into your templates. replicaCount: 1 - image: - repository: mosipqa/kernel-config-server + repository: mosipid/kernel-config-server pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: 1.3.x - + tag: 1.3.0 imagePullSecrets: [] nameOverride: "" fullnameOverride: "" - serviceAccount: # Specifies whether a service account should be created create: true @@ -22,10 +19,8 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" - ## Port on which this particular spring service module is running. springServicePort: 51000 - ## Configure extra options for startup, liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @@ -39,7 +34,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 60 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -50,7 +44,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -61,9 +54,7 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - podAnnotations: {} - ## LifeCycle addition lifecycleHooks: preStop: @@ -72,35 +63,31 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace periods : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Config server docker runs as non-root user by default, so enabling the below may not be required. podSecurityContext: enabled: false runAsUser: 1001 runAsGroup: 2001 fsGroup: 3001 - ## Config server docker runs as non-root user by default, so enabling the below may not be required. securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +# capabilities: +# drop: +# - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 service: type: ClusterIP port: 80 - ingress: enabled: false annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: [] @@ -108,7 +95,6 @@ ingress: # - secretName: chart-example-tls # hosts: # - chart-example.local - resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -120,24 +106,19 @@ resources: requests: cpu: 100m memory: 900Mi - autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 - nodeSelector: {} - tolerations: [] - affinity: {} - spring_profiles: enabled: true spring_compositeRepos: - # Based on the user requiremnt the number of multiple sources from where configuration needs to be pulled can be updated below as mentioned. + # Based on the user requiremnt the number of multiple sources from where configuration needs to be pulled can be updated below as mentioned. - type: git uri: "" version: "< branch-name >" @@ -151,7 +132,6 @@ spring_profiles: spring_cloud_config_server_git_force_pull: true spring_cloud_config_server_git_refreshRate: 5 spring_fail_on_composite_error: false - localRepo: enabled: false spring_profiles_active: "native" @@ -160,7 +140,6 @@ localRepo: spring_cloud_config_server_git_force_pull: false spring_cloud_config_server_git_refreshRate: 0 spring_cloud_config_server_git_cloneOnStart: false - volume: ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning @@ -183,9 +162,10 @@ volume: # Dir where config and keys are written inside container mountDir: '/var/lib/config_repo' nfs: - path: '' # Dir within the nfs server where config repo is cloned/maintained locally. - server: '' # Ip address of nfs server. - + path: '' + # Dir within the nfs server where config repo is cloned/maintained locally. + server: '' + # Ip address of nfs server. ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -219,7 +199,6 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - # All env variables that are accessed from mosip config properties envVariables: - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_PUBLIC_HOST @@ -228,579 +207,495 @@ envVariables: name: global key: mosip-api-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_INTERNAL_HOST valueFrom: configMapKeyRef: name: global key: mosip-api-internal-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_HOST valueFrom: configMapKeyRef: name: global key: mosip-admin-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_HOST valueFrom: configMapKeyRef: name: global key: mosip-prereg-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_HOST valueFrom: configMapKeyRef: name: global key: mosip-resident-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_HOST valueFrom: configMapKeyRef: name: global key: mosip-pmp-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_REVAMP_UI_HOST valueFrom: configMapKeyRef: name: global key: mosip-pmp-revamp-ui-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_COMPLIANCE_HOST valueFrom: configMapKeyRef: name: global key: mosip-compliance-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ESIGNET_HOST valueFrom: configMapKeyRef: name: global key: mosip-esignet-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SIGNUP_HOST valueFrom: configMapKeyRef: name: global key: mosip-signup-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD valueFrom: secretKeyRef: name: db-common-secrets key: db-dbuser-password enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL valueFrom: configMapKeyRef: name: keycloak-host key: keycloak-internal-url enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_URL valueFrom: configMapKeyRef: name: keycloak-host key: keycloak-external-url enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_HOST valueFrom: configMapKeyRef: name: keycloak-host key: keycloak-internal-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_HOST valueFrom: configMapKeyRef: name: keycloak-host key: keycloak-external-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ABIS_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_abis_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SYNCDATA_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_syncdata_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_IDPASS_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_creser_idpass_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_AUTH_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mpartner_default_auth_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDREPO_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_idrepo_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_PRINT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mpartner_default_print_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_DIGITALCARD_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mpartner_default_digitalcard_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_admin_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_AUTH_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_auth_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CREREQ_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_crereq_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_creser_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DATSHA_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_datsha_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_ida_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_MISP_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_misp_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMS_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_pms_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_POLICYMANAGER_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_policymanager_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REG_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_reg_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REGPROC_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_regproc_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_resident_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_prereg_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_HOTLIST_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_hotlist_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DIGITALCARD_CLIENT_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mosip_digitalcard_client_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_ADMIN_PASSWORD valueFrom: secretKeyRef: name: keycloak key: admin-password enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_KERNEL_SECURITY_PIN valueFrom: secretKeyRef: name: softhsm-kernel key: security-pin enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_IDA_SECURITY_PIN valueFrom: secretKeyRef: name: softhsm-ida key: security-pin enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_HOST valueFrom: configMapKeyRef: name: activemq-activemq-artemis-share key: activemq-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_CORE_PORT valueFrom: configMapKeyRef: name: activemq-activemq-artemis-share key: activemq-core-port enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_PASSWORD valueFrom: secretKeyRef: name: activemq-activemq-artemis key: artemis-password enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_AUTHTYPE_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-authtype-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CREDENTIAL_ISSUE_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-credential-issue-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_PARTNER_SERVICE_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-partner-service-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CA_CERTIFICATE_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-ca-certificate-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_HOTLIST_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-hotlist-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TEMPLATES_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-masterdata-templates-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TITLES_CALLBACK_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: ida-websub-masterdata-titles-callback-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_VID_CREDENTIAL_UPDATE_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: idrepo-websub-vid-credential-update-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_CREDENTIAL_STATUS_UPDATE_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: resident-websub-credential-status-update-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_UIN_SALT valueFrom: secretKeyRef: name: conf-secrets-various key: mosip-kernel-tokenid-uin-salt enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_PARTNERCODE_SALT valueFrom: secretKeyRef: name: conf-secrets-various key: mosip-kernel-tokenid-partnercode-salt enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PRINT_WEBSUB_HUB_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: print-websub-hub-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_HUB_SECRET_ENCRYPTION_KEY valueFrom: secretKeyRef: name: conf-secrets-various key: hub-secret-encryption-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_ACCESSKEY valueFrom: configMapKeyRef: name: s3 key: s3-user-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_REGION valueFrom: configMapKeyRef: name: s3 key: s3-region enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_SECRETKEY valueFrom: secretKeyRef: name: s3 key: s3-user-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_HOST valueFrom: configMapKeyRef: name: msg-gateway key: smtp-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_HOST valueFrom: configMapKeyRef: name: msg-gateway key: sms-host enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_PORT valueFrom: configMapKeyRef: name: msg-gateway key: smtp-port enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_PORT valueFrom: configMapKeyRef: name: msg-gateway key: sms-port enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_USERNAME valueFrom: configMapKeyRef: name: msg-gateway key: smtp-username enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_USERNAME valueFrom: configMapKeyRef: name: msg-gateway key: sms-username enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_SECRET valueFrom: secretKeyRef: name: msg-gateway key: smtp-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_SECRET valueFrom: secretKeyRef: name: msg-gateway key: sms-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_AUTHKEY valueFrom: secretKeyRef: name: msg-gateway key: sms-authkey enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SITE_KEY valueFrom: secretKeyRef: name: mosip-captcha key: prereg-captcha-site-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SECRET_KEY valueFrom: secretKeyRef: name: mosip-captcha key: prereg-captcha-secret-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SITE_KEY valueFrom: secretKeyRef: name: mosip-captcha key: resident-captcha-site-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SECRET_KEY valueFrom: secretKeyRef: name: mosip-captcha key: resident-captcha-secret-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_PRETEXT_VALUE valueFrom: secretKeyRef: name: s3 key: s3-pretext-value enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_MOBILE_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mpartner_default_mobile_secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTHTYPE_STATUS_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: resident-websub-authtype-status-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTH_TRANSACTION_STATUS_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: resident-websub-auth-transaction-status-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_KYC_TOKEN_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: mosip-ida-kyc-token-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_REGPROC_WORKFLOW_COMPLETE_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: resident-websub-regproc-workflow-complete-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_REMOVE_ID_STATUS_SECRET valueFrom: secretKeyRef: name: conf-secrets-various key: idrepo-websub-remove-id-status-secret enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CRYPTO_P12_PASSWORD valueFrom: secretKeyRef: name: conf-secrets-various key: mosip-partner-crypto-p12-password enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_REQUEST_CREDENTIAL_ENCRYPTION_KEY valueFrom: secretKeyRef: name: conf-secrets-various key: mosip-resident-request-credential-encryption-key enabled: true - - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_TEMPLATE_SECRET valueFrom: secretKeyRef: name: keycloak-client-secrets key: mpartner_default_template_secret enabled: true - - ## The active profile env if you have another set of properties. Correspondingly, properties in Git repo will ## have names of type "*-default.properties" activeProfileEnv: default - ## Extra environment variables to be passed to the config-server container ## By default, these are disabled in helm chart. Override in deploy values.yaml as needed. extraEnvVars: diff --git a/helm/idgenerator/Chart.yaml b/helm/idgenerator/Chart.yaml index cf58101cdaf..7a3a47899d3 100644 --- a/helm/idgenerator/Chart.yaml +++ b/helm/idgenerator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: idgenerator description: A Helm chart for MOSIP Idgenerator module type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: "" dependencies: - name: common diff --git a/helm/idgenerator/values.yaml b/helm/idgenerator/values.yaml index 4f9eaaedf58..7ee36c2266d 100644 --- a/helm/idgenerator/values.yaml +++ b/helm/idgenerator/values.yaml @@ -12,23 +12,18 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - service: type: ClusterIP port: 80 @@ -49,11 +44,10 @@ service: ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - image: registry: docker.io - repository: mosipqa/kernel-idgenerator-service - tag: 1.3.x + repository: mosipid/kernel-idgenerator-service + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -65,15 +59,12 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## Port on which this particular spring service module is running. springServicePort: 8080 - ## Configure extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## ## TODO: probes disabled as they don't work for some reason - startupProbe: enabled: true httpGet: @@ -84,7 +75,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 60 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -95,7 +85,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -106,7 +95,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## # existingConfigmap: @@ -114,12 +102,10 @@ readinessProbe: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -133,37 +119,31 @@ resources: requests: cpu: 250m memory: 2100Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms1575M -Xmx1575M" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -185,32 +165,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -225,18 +199,14 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace perios : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -244,7 +214,6 @@ customReadinessProbe: {} ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: @@ -252,26 +221,21 @@ updateStrategy: ## value: "bar" ## extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -283,7 +247,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -295,7 +258,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -317,7 +279,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -351,12 +312,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -365,7 +324,6 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - ## Prometheus Metrics ## metrics: @@ -375,9 +333,7 @@ metrics: ## podAnnotations: prometheus.io/scrape: "true" - endpointPath: /v1/idgenerator/actuator/prometheus - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## @@ -404,7 +360,6 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec ## additionalLabels: {} - ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -422,7 +377,6 @@ metrics: # labels: # severity: error rules: [] - ## Only internal access istio: enabled: true diff --git a/helm/notifier/Chart.yaml b/helm/notifier/Chart.yaml index 2393c1175da..0616ffc4020 100644 --- a/helm/notifier/Chart.yaml +++ b/helm/notifier/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: notifier description: A Helm chart for MOSIP Notifier module type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: "" dependencies: - name: common diff --git a/helm/notifier/values.yaml b/helm/notifier/values.yaml index eededc76429..741296dad3f 100644 --- a/helm/notifier/values.yaml +++ b/helm/notifier/values.yaml @@ -12,23 +12,18 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - service: type: ClusterIP port: 80 @@ -49,11 +44,10 @@ service: ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - image: registry: docker.io - repository: mosipqa/kernel-notification-service - tag: 1.3.x + repository: mosipid/kernel-notification-service + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -65,10 +59,8 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## Port on which this particular spring service module is running. springServicePort: 8083 - ## Configure extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @@ -82,7 +74,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 30 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -93,7 +84,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -104,7 +94,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## # existingConfigmap: @@ -112,12 +101,10 @@ readinessProbe: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -131,37 +118,31 @@ resources: requests: cpu: 750m memory: 3000Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms2250M -Xmx2250M" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -183,32 +164,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -216,7 +191,6 @@ podAnnotations: {} ## lifecycleHooks for the container to automate configuration before or after startup. ## - lifecycleHooks: preStop: exec: @@ -224,18 +198,14 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace perios : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -243,7 +213,6 @@ customReadinessProbe: {} ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: # extraEnvVars: @@ -252,26 +221,21 @@ updateStrategy: ## ## The runtime url below is assumed to be artifactory url for default installation. Change as per your deployment. extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -283,7 +247,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -295,7 +258,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -317,7 +279,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -351,12 +312,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -365,7 +324,6 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - ## Prometheus Metrics ## metrics: @@ -375,9 +333,7 @@ metrics: ## podAnnotations: prometheus.io/scrape: "true" - endpointPath: /v1/notifier/actuator/prometheus - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## @@ -404,7 +360,6 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec ## additionalLabels: {} - ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -422,7 +377,6 @@ metrics: # labels: # severity: error rules: [] - # runtimeDepUrlpath: http://artifactory-service/artifactory/libs-release-local/io/mosip/kernel/ ## Only internal access diff --git a/helm/pridgenerator/Chart.yaml b/helm/pridgenerator/Chart.yaml index 9f58969fd00..2182bfbbd10 100644 --- a/helm/pridgenerator/Chart.yaml +++ b/helm/pridgenerator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pridgenerator description: A Helm chart for MOSIP PRIDgenerator module type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: "" dependencies: - name: common diff --git a/helm/pridgenerator/values.yaml b/helm/pridgenerator/values.yaml index c1826ea3839..dd548b4b3f0 100644 --- a/helm/pridgenerator/values.yaml +++ b/helm/pridgenerator/values.yaml @@ -12,23 +12,18 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - service: type: ClusterIP port: 80 @@ -49,11 +44,10 @@ service: ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - image: registry: docker.io - repository: mosipqa/kernel-pridgenerator-service - tag: 1.3.x + repository: mosipid/kernel-pridgenerator-service + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -65,10 +59,8 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## Port on which this particular spring service module is running. springServicePort: 8100 - ## Configure extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @@ -83,7 +75,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 30 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -94,7 +85,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -105,7 +95,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## # existingConfigmap: @@ -113,12 +102,10 @@ readinessProbe: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -132,37 +119,31 @@ resources: requests: cpu: 150m memory: 1050Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms630M -Xmx700M" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -184,32 +165,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -224,18 +199,14 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace perios : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -243,7 +214,6 @@ customReadinessProbe: {} ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: @@ -251,26 +221,21 @@ updateStrategy: ## value: "bar" ## extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -282,7 +247,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -294,7 +258,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -316,7 +279,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -350,12 +312,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -364,7 +324,6 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - ## Prometheus Metrics ## metrics: @@ -374,9 +333,7 @@ metrics: ## podAnnotations: prometheus.io/scrape: "true" - endpointPath: /v1/pridgenerator/metrics - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## @@ -403,7 +360,6 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec ## additionalLabels: {} - ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -421,7 +377,6 @@ metrics: # labels: # severity: error rules: [] - ## Only internal access istio: enabled: true diff --git a/helm/regproc-salt/Chart.yaml b/helm/regproc-salt/Chart.yaml index 524243bbb2d..d53f34892b4 100644 --- a/helm/regproc-salt/Chart.yaml +++ b/helm/regproc-salt/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: regproc-salt description: A Helm chart to generate keys for Kernel type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: "" dependencies: - name: common diff --git a/helm/regproc-salt/values.yaml b/helm/regproc-salt/values.yaml index 81ca890bcce..0e9c6b0a875 100644 --- a/helm/regproc-salt/values.yaml +++ b/helm/regproc-salt/values.yaml @@ -26,8 +26,8 @@ extraDeploy: [] replicaCount: 1 image: registry: docker.io - repository: mosipqa/kernel-salt-generator - tag: 1.3.x + repository: mosipid/kernel-salt-generator + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/helm/ridgenerator/Chart.yaml b/helm/ridgenerator/Chart.yaml index 95cac75533f..0257915a1a7 100644 --- a/helm/ridgenerator/Chart.yaml +++ b/helm/ridgenerator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: ridgenerator description: A Helm chart for MOSIP RIDgenerator module type: application -version: 1.3.0-develop +version: 1.3.0 appVersion: "" dependencies: - name: common diff --git a/helm/ridgenerator/values.yaml b/helm/ridgenerator/values.yaml index bf276115f91..df4ef94be8e 100644 --- a/helm/ridgenerator/values.yaml +++ b/helm/ridgenerator/values.yaml @@ -12,23 +12,18 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - service: type: ClusterIP port: 80 @@ -49,11 +44,10 @@ service: ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - image: registry: docker.io - repository: mosipqa/kernel-ridgenerator-service - tag: 1.3.x + repository: mosipid/kernel-ridgenerator-service + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -65,10 +59,8 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## Port on which this particular spring service module is running. springServicePort: 8096 - ## Configure extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @@ -82,7 +74,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 30 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -93,7 +84,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -104,7 +94,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## # existingConfigmap: @@ -112,12 +101,10 @@ readinessProbe: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -131,37 +118,31 @@ resources: requests: cpu: 250m memory: 1500Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms1125M -Xmx1125M" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -183,32 +164,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -223,18 +198,14 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace perios : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -242,7 +213,6 @@ customReadinessProbe: {} ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: @@ -250,26 +220,21 @@ updateStrategy: ## value: "bar" ## extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -281,7 +246,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -293,7 +257,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -315,7 +278,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -349,12 +311,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -363,7 +323,6 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - ## Prometheus Metrics ## metrics: @@ -373,9 +332,7 @@ metrics: ## podAnnotations: prometheus.io/scrape: "true" - endpointPath: /v1/ridgenerator/actuator/prometheus - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## @@ -402,7 +359,6 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec ## additionalLabels: {} - ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -420,7 +376,6 @@ metrics: # labels: # severity: error rules: [] - ## Only internal access istio: enabled: true