diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..623d370 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,120 @@ +name: Create namespace and deploy on new branch + +on: + push: + branches-ignore: + - main + #branches: + # - 'feature-**' + + + +concurrency: + group: ${{ github.ref }} + cancel-in-progress: false + +jobs: + + create: + runs-on: ubuntu-latest + steps: + + - name: Git checkout + uses: actions/checkout@v1 + + - name: Authenticate and set context + uses: redhat-actions/oc-login@v1 + + with: + # URL to your OpenShift cluster. + # Refer to Step 2. + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + + # Authentication Token. Can use username and password instead. + # Refer to Step 3. + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + + # Disables SSL cert checking. Use this if you don't have the certificate authority data. + insecure_skip_tls_verify: true + + # extract the current branch name and provide it as a var for easier integration into sed-commands + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v5.2 + + - name: Log the branch name + run: | + echo ${{ steps.branch-name.outputs.current_branch }} + + - name: Create namespace + run: | + oc new-project i4t-consumer-${{ steps.branch-name.outputs.current_branch }} || oc project i4t-consumer-${{ steps.branch-name.outputs.current_branch }} + oc adm policy add-role-to-group cluster-admin lodestar-developers -n i4t-consumer-${{ steps.branch-name.outputs.current_branch }} + + - name: Rename target branch + run: | + cd i4trust-consumer/ + # replace the default destination namespace(i4t-consumer-demo) with the branch namespace (prefixed with i4t-consumer-) + sed -i'' -e 's/destination_namespace: \&destination i4t-consumer-demo/destination_namespace: \&destination i4t-consumer-${{ steps.branch-name.outputs.current_branch }}/g' values.yaml + # prefix the application name with the branch name to avoid collisions (prefixed with i4t-consumer-) + sed -i'' -e 's/release: i4t-consumer-demo/release: i4t-consumer-${{ steps.branch-name.outputs.current_branch }}/g' values.yaml + # set the target revision to the current branch + sed -i'' -e 's/branch: \&branch main/branch: \&branch ${{ steps.branch-name.outputs.current_branch }}/g' values.yaml + # Replace subdomain in URLs with branch name (prefixed by i4t-consumer-) + sed -i'' -e 's/i4t-consumer-main/i4t-consumer-${{ steps.branch-name.outputs.current_branch }}/g' values.yaml + + # See https://github.com/helm/chart-releaser-action/issues/6 + - name: Install Helm + run: | + curl -fsSLo get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + + - name: Deploy applications + run: | + cd i4trust-consumer/ + # render app of apps and apply it + helm template ${{ secrets.OVERWRITE_VALUES }} -f values.yaml . | oc -n argocd apply -f - + cd .. + + - name: Check if all apps are healthy + run: | + # wait for the changes to take place and potentially crash the applications + sleep 60 + + # bool to check if the apps are healthy + healthy=0 + # counter to set a number of tries + try=0 + tries=30 + # get the list of apps in the namespace + componentsInstalled=$(grep "enabled: true" i4trust-consumer/values.yaml -c) + # check if the condition is met + while [ $healthy == 0 ] && [ $try -lt $tries ] + do + apps=$(oc get applications.argoproj.io --no-headers -n argocd -l destination-namespace=i4t-consumer-${{ steps.branch-name.outputs.current_branch }} | awk '{ print $3 }') + healthyapps=0 + for app in $apps + do + if [ $app != "Healthy" ] + then + echo "Trying again in 30 seconds" + sleep 30 + try=$(( try + 1 )) + break + elif [ $app == "Healthy" ] + then + healthyapps=$(( healthyapps + 1 )) + fi + if [ $healthyapps == $componentsInstalled ] + then + healthy=1 + fi + done + done + + if [ $try -eq $tries ] + then + echo "ERROR: Tried too many times" + exit 1 + fi diff --git a/.github/workflows/cleanup.yaml b/.github/workflows/cleanup.yaml new file mode 100644 index 0000000..578e585 --- /dev/null +++ b/.github/workflows/cleanup.yaml @@ -0,0 +1,40 @@ +name: Delete apps and namespace after deleting branch + +# trigger on branch deletion to bind the namespaces lifecycle to the branch lifecycle +on: + delete: + branches-ignore: + - main + +jobs: + + delete: + + runs-on: ubuntu-latest + steps: + + - name: Git checkout + uses: actions/checkout@v1 + + + - name: Authenticate and set context + uses: redhat-actions/oc-login@v1 + + with: + # URL to your OpenShift cluster. + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + + # Authentication Token. Can use username and password instead. + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + + # Disables SSL cert checking. Use this if you don't have the certificate authority data. + insecure_skip_tls_verify: true + + - name: Delete applications + run: | + # remove all apps deployed for the namespace corresponding to the branch + oc delete application -l destination-namespace=i4t-consumer-${{ github.event.ref }} -n argocd + # delete the namespace associated to the trigger event's branch + - name: Delete namespace + run: | + oc delete project i4t-consumer-${{ github.event.ref }} diff --git a/README.md b/README.md index b09cbbf..a22e8d0 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,67 @@ # i4trust-consumer App-of-apps of an i4Trust service consumer organisation + +# i4Trust Consumer Demonstrator + +App-of-apps for an i4trust data service consumer (e.g., Happy Pets). + +> :bulb: This repository just provides a setup for temporary demonstration purposes. It is not recommended to be used in a production enviroment. Credentials are visible in clear text and are not encrypted. Installations should be deleted when demonstrations/presentations/etc. have finished. + +The GitHub actions of this repo are configured to deploy a full instance with all components +required for this demonstrator, as soon as a branch is created. It is meant for a temporary deployment only. +Note that the deployment should be deleted after +each presentation/demo/etc., since there are only test accounts registered and credentials are visible in clear text in this +repo. + +Before moving this installation to a production environment, make sure to encrypt all credentials, keys, etc., e.g., +using [sealed-secrets](https://github.com/bitnami-labs/sealed-secrets). + +All scripts are developed for using an OpenShift Kubernetes cluster, but can be easily adapted for any +kind of infrastructure. + + +## Deployment + +It is required to setup two GitHub secrets in the +repository ([also check this manual](https://github.com/FIWARE-Ops/marinera/blob/main/documentation/GITHUB_CI.md#openshift-service-account-permissions)): +* `OPENSHIFT_SERVER`: Server URL of the OpenShift cluster +* `OPENSHIFT_TOKEN`: Token from an OpenShift service account with sufficient permissions for creation/deletion of projects and applications, role assignments and deployments via Helm charts (e.g., with `cluster-admin` role) + +In order to deploy all components, simply create a branch which is named differently than `main`. +The GitHub action will deploy all components to the namespace `i4t-consumer-{BRANCH_NAME}`. + +Routes for externally exposed services are automatically created and hostnames are set dynamically. In order to +retrieve the created hostnames, one can run, e.g., +```shell +kubectl -n i4t-consumer-{BRANCH_NAME} get routes +``` +or check in the OpenShift console or in ArgoCD. + + + + +### Uninstall + +For removing all components and deleting the applications and namespace, simply remove the branch. + + + +## Credentials + +Different accounts are created automatically with default passwords. + +| Component | Username | Password | Comment | +|---------------|------------------------|-------------------|---------| +| Keyrock Consumer | admin@test.com | admin | Admin user of the Consumer Keyrock IDP | +| Keyrock Consumer | operator@consumer.com | operator | Operator employee user of the Consumer | +| Keyrock Consumer Shop | admin@test.com | admin | Admin user of the Consumer Shop Keyrock IDP | +| Keyrock Consumer Shop | max.prime@mymail.com | prime | Prime user of the Consumer shop system | +| Keyrock Consumer Shop | steve.standard@mymail.com | standard | Standard user of the Consumer shop system | + +Root CA, keys and certificates have been created and self-signed using openssl. Keys and certificates used for this demonstrator +can be found in the [certs folder](./certs). These should never be used in any kind of production enviroment or on a +contineously running environment. +Below table displays the assigned EORIs assigned to the different organisations and their keys/certificates: +| Organisation | EORI | +|------------------------|----------------------------| +| Consumer | EU.EORI.DECONSUMERONE | diff --git a/applications/consumer-keyrock-shop/Chart.yaml b/applications/consumer-keyrock-shop/Chart.yaml new file mode 100644 index 0000000..ef6fed8 --- /dev/null +++ b/applications/consumer-keyrock-shop/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: pdc-keyrock +description: Chart holder for argo-cd + +type: application +version: 0.5.0 +appVersion: "8.3.0" + +dependencies: + - name: keyrock + version: 0.5.0 + repository: https://fiware.github.io/helm-charts diff --git a/applications/consumer-keyrock-shop/templates/create-user-cm.yaml b/applications/consumer-keyrock-shop/templates/create-user-cm.yaml new file mode 100644 index 0000000..3d32906 --- /dev/null +++ b/applications/consumer-keyrock-shop/templates/create-user-cm.yaml @@ -0,0 +1,62 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: consumer-shop-{{ .Values.initScript.createUser.id }}-user-cm + annotations: + "helm.sh/hook": post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "1" +data: + entrypoint.sh: |- + pip install requests + echo "Creating users..." + python /scripts/create.py + create.py: |- + import requests + from requests.exceptions import HTTPError + import sys + + def main(): + KEYROCK_HOST = {{ .Values.keyrock.host | quote }} + + # Login + login_data = { + 'name': {{ .Values.keyrock.admin.email | quote }}, + 'password': {{ .Values.keyrock.admin.password | quote }} + } + login_header = { + 'Content-Type': 'application/json' + } + login_response = requests.post(KEYROCK_HOST+'/v1/auth/tokens', json=login_data, headers=login_header) + try: + login_response.raise_for_status() + except HTTPError as e: + print(e.response.text) + sys.exit(1) + token = login_response.headers["X-Subject-Token"] + + # Create user + user_header = { + 'Content-Type': 'application/json', + 'X-Auth-token': token + } + + {{- range $u := .Values.initScript.createUser.user }} + user_data = { + 'user': { + 'username': {{ $u.username | quote }}, + 'email': {{ $u.email | quote }}, + 'password': {{ $u.password | quote }} + } + } + user_response = requests.post(KEYROCK_HOST+'/v1/users', json=user_data, headers=user_header) + try: + user_response.raise_for_status() + except HTTPError as e: + print(e.response.text) + sys.exit(1) + + {{- end }} + + if __name__ == "__main__": + main() diff --git a/applications/consumer-keyrock-shop/templates/post-hook-user.yaml b/applications/consumer-keyrock-shop/templates/post-hook-user.yaml new file mode 100644 index 0000000..78ea67e --- /dev/null +++ b/applications/consumer-keyrock-shop/templates/post-hook-user.yaml @@ -0,0 +1,26 @@ +{{- if .Values.initScript.createUser.enabled -}} +apiVersion: v1 +kind: Pod +metadata: + name: consumer-shop-user-create-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "1" +spec: + containers: + - name: consumer-shop-keyrock-user-create + image: python:3 + command: + - /bin/sh + - /scripts/entrypoint.sh + volumeMounts: + - name: scripts + mountPath: /scripts + volumes: + - name: scripts + configMap: + name: consumer-shop-{{ .Values.initScript.createUser.id }}-user-cm + restartPolicy: Never + +{{- end }} diff --git a/applications/consumer-keyrock-shop/values.yaml b/applications/consumer-keyrock-shop/values.yaml new file mode 100644 index 0000000..61edf9b --- /dev/null +++ b/applications/consumer-keyrock-shop/values.yaml @@ -0,0 +1,274 @@ +keyrock: + statefulset: + image: + repository: fiware/idm + tag: 8.3.0 + #pullPolicy: Always + pullPolicy: IfNotPresent + + db: + user: root + password: dbPassword + host: mysql + + admin: + user: admin + password: admin + email: admin@test.com + + route: + enabled: true + routes: + - tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect + + theme: + ## -- Enable theme + enabled: true + ## -- Name of the theme + name: i4trust-happypets + ## -- Size of PVCs to be created + size: 1Gi + ## Image which holds the theme files + image: i4trust/keyrock-theme-happypets:1.0.0 + ## -- specification of the image pull policy + imagePullPolicy: Always + ## Path to the source theme files inside the container + sourceTheme: /themes/i4trust-happypets + ## Path to the source image files inside the container + sourceImg: /img/i4trust-happypets + ## Optional: Path to the source favicon directory inside the container + sourceFavicon: /favicon + ## Mount path for the source theme files + mountTheme: /opt/fiware-idm/themes/i4trust-happypets + ## Mount path for the source image files + mountImg: /opt/fiware-idm/public/img/i4trust-happypets + ## Mount path for the source favicon + mountFavicon: /opt/fiware-idm/public/favicon.ico + + ## Configuration of Authorisation Registry (AR) + authorisationRegistry: + # -- Enable usage of authorisation registry + enabled: true + # -- Identifier (EORI) of AR + identifier: "EU.EORI.DECONSUMERONE" + # -- URL of AR + url: "internal" + + ## Configuration of iSHARE Satellite + satellite: + # -- Enable usage of satellite + enabled: true + # -- Identifier (EORI) of satellite + identifier: "EU.EORI.FIWARESATELLITE" + # -- URL of satellite + url: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev" + # -- Token endpoint of satellite + tokenEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/token" + # -- Parties endpoint of satellite + partiesEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/parties" + + additionalEnvVars: + - name: IDM_TITLE + value: "Happy Pets Inc. - Shop" + - name: IDM_DEBUG + value: "true" + - name: DEBUG + value: "*" + - name: IDM_DB_NAME + value: i4t_consumer_idm + - name: IDM_DB_SEED + value: "true" + - name: IDM_EMAIL_HOST + value: "mailgun-fiware-io.infra.svc.cluster.local" + - name: IDM_EMAIL_PORT + value: "25" + - name: IDM_EMAIL_ADDRESS + value: "happypets-keyrock-shop@fiware.dev" + - name: IDM_SERVER_MAX_HEADER_SIZE + value: "32768" + + ## -- Configuration of local key and certificate for validation and generation of tokens + token: + # -- Enable storage of local key and certificate + enabled: true + # -- Identifier (EORI) of local organisation + identifier: "EU.EORI.DECONSUMERONE" + # -- String with private key in PEM format + key: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKAIBAAKCAgEAs4W4LDRECJQRqibcXDjznRE8speU9VKzc+8poRoSWV3LYBm6 + ySBV3Q1zy3l0Eju5rUtg3w8L9Y8lKA1RkAwyYnqPhJxAcmu9kcUtmQLYqY+aEigB + Z9dRh7HT2DyIB3znHTDx4eQ91vOFNRdQ6fwOXsapYwRSTE+S8Aed/E8qZo3XgvkJ + akVFnvOw2hv3b34eVpHZcWZmzSBdEmUln/AmdF6R5oNnyfenIoH1DTT4/D6DdNgk + GB80GFvP/vdu3DDQgtcA6GjW/0lG9EwUst8KnNXlOQn8DcZCxZSrOJ5OLVfqP2Sb + TFSD61CijLDiDOzHuIsBvSNC8E/C2r2leClsV85cRH9hXhe9OwHsmOODxV72FQpU + 17gmdFZMc3otXjPrSnc0pp1SgT2YtJLZkdRCNjnUj43ei9GPzOnb0mY/OCfHD14v + sxLfCqEiN+zh9GHenNM6dtAARkIgA/Y7yR34B3UwL01Of2EuXPfp6WXJWuwW6hIt + JkrMynKK/1Iyvmwi5NOQMiIx5nOTJklnMxHafcvQmZ5Nyzrm9L3l0r4zGoU0CKTR + JVcB+lf6ROYvruY2qtzp+mTa29Is8XMZZRz5iuwTeeG4Sn46tOyqn/aIaUtrApVC + Jy8kXfLfltMrJnWoxFOFXIv5F8TUlqgQS22SMRmOX407yVdNGhJypmvaq9UCAwEA + AQKCAgB3sQ0FM+e0THymlHhRaItMSoTMkfH3yqbpAikgR1C6kqWZMi5uEIgO9Pwi + SpzP11BJsTsqHU8c7s6YMKETyH4DWLG9eawiXaErwmpPXS11h8/ykQe240Fxlmen + AVy0mVtCBDMRJ+rvGLfUmPISv0IZgJzI7sWsKVXPgVSdN28Opz1sDnxvhTYQ72sX + UJQdmtnBYEa4q8yYsR48uIFobGZHKhJevXgCmYKuqDTpFEt5anic+8q85nkGUJiR + 5wjb+BPdWFo7mkLWPFX5ZYxbYggiXx4QdI6/5FL6hs/N1QZMhxQgJgTA1IyL5Nwr + r3dXpLrYWJ3VK+Bidtt0mgLr5bpchbDEkD0y3elcIoy6s+20gtl5sQ4/l2Kq19eP + ASlX2JDZJ1VmDKkB0MKYV/XzofxwnTYS1t4yHIwZcRmWVR6yH8X5kYGF/iKnRuvf + GfGh8Sv2R4R8uE7Gi//709z1eQusaID9zckw3LJyIEaBFv6aoeX40CJ3CE0QwgxP + rfb8+fmYzJJR8+lgwh6qXX1eLbaqOTrZwS7U+G8wtFDL8JgNqqrZx+vs5X79qPNf + rXbYEbUVYzd5A2+x03PxN6Ig+FUEeRbXsSBgw9zz0tG55QUhgYYXksNykjh7C3fI + d6v16go2HKQD2VzTaUXD7XuSXm06AEQAPQZmPATSAwNv4JL2AQKCAQEA6myUSf0t + Wq1wVNlFGyG+SPGnbtLAgX06Zcpup1o4nyeWCaPpnkcrlukv4wx5A/caa5FcLhGf + Mixt0UwAdLMXIBQuGE/W17hnRe0UpdD7+tMZtgpidQPtOcxzBDphWJbJSQ+2rktS + gLmDPPHrYEmRwhPKjCsJDl+CeZoVzdXQN8hXW2g8tb1aMWvQ5MfSF2uf3CdR7sIi + U0d+MbGj4+NVxCDGa9DcWlkKsLkHL/UhLlz8jVaqYW0SGWHD2z951syRszxtGHJf + 4ypmEDF5P5EU8M+7d3B6GVpgnjzTpcEAIejWdtY8qn3rUECMVFIn1JbQb3F6lwwd + XbFaYBxnpbXQgQKCAQEAxAuQHrIfmdTYmluBkjvKZbnsr/wpJMFK/E+d1VwPl/WV + FRaoBX0WDKZQQ8xlcPDrsgHi9O4Vz7pT54wFZC4tDLCa0XEtyxeDnyawnEE02U3B + QWQCrj39lXwvrDR/eEV7Mk+29cN7BaPxzMaYOlXnSX5q02+7M8RarEvBHnmEERqW + bq0FQjSf4GiuAaPK3R9YjLSua2MCtPGCQaXTFY5GRrSW9DD5Bg7d1MuIwhD4eVAK + Kcr7QTeoM+xmPoyq1J7gH1E5gy8XWRDoUOtevmyaFlqdHNorXhSTieYrEBhAhxVv + 9ppGrO3+4RaFNsAgRRGddVS7SbSYNfuiN1Wx87PxVQKCAQEA2VDCvzxW2SLDacTo + zVggoFp1DsWM8/11L3vTzIxUxSXbbyBmp/XuML4HSIH9hXGDKojcXVC0tbx+KXI9 + UfHb1D8g5CTPU7d89VPsujLcBQ/BXAKQd02mktg3H4pHR+qwumw4u6bT2sUfJlZW + DzLkTnguYnZatNpRiA0RfXlixvOQGAqvjQL2I66BPjUHS/LXhS1mROHvFCjIkaTN + +6p5jZGcn8JFI/Q7dsxwH0Ms+V/2N8hJtnt4NdNtz0gu2LNXtkKkF++feGWLrCNQ + 9V63fO32Kak5Z1tjCg31XklmqAjDF/NO1fZZOFI+RMTMa8VLgKRAMtpmNr78uvBa + HUJJAQKCAQAyz7Ro4E3kdxA04aaxmiGZQBkie77GMfsXbiNAW34HKrWbI6Yk1gjS + +oAvMljQbwEHwAls5hBtKKP6jYYQMw+mDFf0FNuDmfKZW1PHC/eAovCF3D/9nT+O + cQOCJJEtQQTvQ03uYN4P1jAjnQ1zgTRTDhrt9jWU8z11DqVdGq2qKTP4N4v3XuBZ + L4h6EFPR///ZaDMUzjKzZy0Vir8tBRUd2kyNueuxMEU6lA48Dl34Q1B/CIcanixQ + WOMfLyJPvWXleA3p/FiW0xUDdB24STmetZmnErzOw5KB2VAr+b0vxdShG9dZls3K + 1SVtzVoPzML82Bs6vT3+L9wZb3KR8X+JAoIBAGmKO9+3x0ey2sjbFbMx+JyPAnZH + xu2NO0UHLMd/c1rbGlh3Z0len5rozzH8gs1y/dcQ59ZF1WhQGw7udcGEi/wGd4bi + AGwQuplxUL9YlkI6YQb3HAeY2nrO2FCSsAUaIw71HEHvSjE5Sd9X9y8oN4RTjbLz + KMmErltPQmrxfQyPVLegBX14k5FH6wFo7XII8OCaP706c6wW4toRNnOY5+RSTyQU + /rAO+z9AI3Nu5Q13Bp7a+5hwfaJl/zs/lDd+Wf8XBS6dQ4epx83SeqrJwUuRmiXh + 68PLpA9vOfRoA24k20EZEmWdtF7SF76QGK80F7BYw/ZZex6yhiMlhABvS2g= + -----END RSA PRIVATE KEY----- + # -- String with certificate (chain) in PEM format + cert: | + -----BEGIN CERTIFICATE----- + MIIGZzCCBE+gAwIBAgIJALTnY4ETe5dRMA0GCSqGSIb3DQEBCwUAMGoxCzAJBgNV + BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTEWMBQGA1UE + AxQNRklXQVJFLUNBX1RMUzEhMB8GCSqGSIb3DQEJARYScm9vdC1jYUBmaXdhcmUu + b3JnMB4XDTIzMDEzMTE1MDQzOVoXDTI4MDEzMDE1MDQzOVowgbMxCzAJBgNVBAYT + AkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEdMBsGA1UECgwU + U2VydmljZSBDb25zdW1lciBPbmUxHTAbBgNVBAMMFFNlcnZpY2UtQ29uc3VtZXIt + T25lMSQwIgYJKoZIhvcNAQkBFhVhZG1pbkBjb25zdW1lcm9uZS5jb20xHjAcBgNV + BAUTFUVVLkVPUkkuREVDT05TVU1FUk9ORTCCAiIwDQYJKoZIhvcNAQEBBQADggIP + ADCCAgoCggIBALOFuCw0RAiUEaom3Fw4850RPLKXlPVSs3PvKaEaElldy2AZuskg + Vd0Nc8t5dBI7ua1LYN8PC/WPJSgNUZAMMmJ6j4ScQHJrvZHFLZkC2KmPmhIoAWfX + UYex09g8iAd85x0w8eHkPdbzhTUXUOn8Dl7GqWMEUkxPkvAHnfxPKmaN14L5CWpF + RZ7zsNob929+HlaR2XFmZs0gXRJlJZ/wJnRekeaDZ8n3pyKB9Q00+Pw+g3TYJBgf + NBhbz/73btww0ILXAOho1v9JRvRMFLLfCpzV5TkJ/A3GQsWUqzieTi1X6j9km0xU + g+tQooyw4gzsx7iLAb0jQvBPwtq9pXgpbFfOXER/YV4XvTsB7Jjjg8Ve9hUKVNe4 + JnRWTHN6LV4z60p3NKadUoE9mLSS2ZHUQjY51I+N3ovRj8zp29JmPzgnxw9eL7MS + 3wqhIjfs4fRh3pzTOnbQAEZCIAP2O8kd+Ad1MC9NTn9hLlz36ellyVrsFuoSLSZK + zMpyiv9SMr5sIuTTkDIiMeZzkyZJZzMR2n3L0JmeTcs65vS95dK+MxqFNAik0SVX + AfpX+kTmL67mNqrc6fpk2tvSLPFzGWUc+YrsE3nhuEp+OrTsqp/2iGlLawKVQicv + JF3y35bTKyZ1qMRThVyL+RfE1JaoEEttkjEZjl+NO8lXTRoScqZr2qvVAgMBAAGj + gcUwgcIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwMwYJYIZIAYb4QgEN + BCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVudCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E + FgQUuBPTtcuLpRXYEjIsQaQjfEQ1lxowHwYDVR0jBBgwFoAUJB/hBsZhiGQd1NTR + NlJwMAXbbIMwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr + BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAUapFF47uERviYMncg5mnePW3x23U + RdLL9TR2tAjdEAGG2VYH5p6aL7+Nm4EI5BOwuX5G9tzyDtRyU9DwfZuoJbdXHPVP + CQVedErtLTsiNIqTbvPcqvZaOPKN8KSjpAaZHuXwRm4fdutBpXXv8yCNtng8ePbV + d9hshJKvYWDlcZbzcPCqL0jar+nd+1514p32ecKAaETe5qrnwupLto/7yRsopmNQ + 37FuQ0Hd+CPOJWyqTVeRxeOXd5IEzE+xHjzpei0cAALYi+DyIW92yyUk5YPp6tGD + GmNdpdCKqSO1IRI/6Ndqj+qhJ7Rc67j+LA5pXZX+BW2H8/74OBw5bJYT7Vly6mfK + c0hVfgdoqU1jlgtMq/8Y1fdbxoNl53FEkW+J3CnhsxnEslm9q8K+f5Q0x1LE+nBA + 9Y9uV/9KIIGZbZDxeCUB8ulGui89nOuQx5QBeZxBrWFpy/Wb8gwrSccw1w80ob2a + VJ48MKJ9AsmbFKLP13VfSin2PpfWxYwhMm0zxFJDC/QAoO7NUyvN5YlRtJnOeyTe + Ya+MhnWEmUeJStnPcllo39OwaOuLK9cGwl6ykw49C0RM/qcaYTgtjNefxW+Rx7fu + 8FI8dWzIGB7nGDtZLLyDDnH0hr3gXWqGw5QbgABP0abtrrhrF5LAcO4dsL1QuBLg + uL2MFDn2nuLEx7c= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIFwjCCA6qgAwIBAgIBATANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJERTEP + MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FS + RTESMBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZp + d2FyZS5vcmcwHhcNMjIwOTIxMTIwNDUzWhcNMjkxMjIzMTIwNDUzWjBqMQswCQYD + VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQKEwZGSVdBUkUxFjAUBgNV + BAMUDUZJV0FSRS1DQV9UTFMxITAfBgkqhkiG9w0BCQEWEnJvb3QtY2FAZml3YXJl + Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANjtrG/NDN2PtA7l + 1fU9U42abgOyMryMRoT3DB/SlOnGcg8JeWEyha4t8znZMduwP7lMUq281rS3pEZf + R3lUBfXhC5cBUjQDLKlYdVWTVJTTqhhMLwyNrerd4RIVkx5vMgEfObFkJOjCxDR2 + +bFEHLyXwUaFFz8EAUj8kLsphHIuXv3NLSWiKWH2xYVOx1DKxwAZ+dqTueGyeOvi + QvO5r78uOG9NjwXw46boREKNSleDXpQMEG94gzgZygjdQ1tR3a/0K8QMlgBI12NO + pa6XL+an5l5iSzB/oYzZguAX0HGumMUvr4zhKiPzgiKyRrFf1mOjEUpgUV9rDH35 + MNv5cjgjFR1CdvPgveZc7zjZWT4786U8NZ6Wa/jRfiPUISykUps3zfsOq2jWNqSz + u+LSGcoXRcaL0bIjuScQkVaH3BFua4SuU75bifMaZqol/xVA4CONqXkFkihyuqw2 + eu86045w+XiPpZ1NYa+wdE9pR6RBNgb9vG8Po+43TLe0phxbB8eO5Xokpq2Qe9Hx + NbrF6sI03n/9VQXmIRcaLvtQ+k2a0sPcmMi0s1b5GCqmf13OlWRxTqPWLuKy8i8c + yiq2q/XVNpZ5UdIf47rkkI8PGLKe6Nzh/uhd0ZCn0t5Hu8nRS7hi/XCfJ+he6QRg + KCGSXITG0IwjA50gyaFo6c/9VRePAgMBAAGjZjBkMB0GA1UdDgQWBBQkH+EGxmGI + ZB3U1NE2UnAwBdtsgzAfBgNVHSMEGDAWgBR/813uZ43zu/7iXBl2WsWTuSlmDjAS + BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF + AAOCAgEAVgpKfvpk9uyb16VIWs3uksYzgwJyjGqpJ0j9FmTrg4HyrzfXLKlDX09W + 6RaEZ8dVGPugNsLTA/WXWsejWjaj8Ygk8sy5OLQ/qVO9MFEK5muco2O4Au8GjrOM + x+Y65DMUByHPHPhUhBapUzSz4ho4rpqabHYc0FIq5tmSMweNUG9rcPRMx9//anOc + 4fkw9Rkvl0oMXHBqDeluLVgfN6xuJX8pqZidgvj6P3Zg7dJqj+1RSNuVdfWwDTug + 25p/VAZqKeFY1UrdbRmREQ22tjgw9eH0+8fv4hK5gWfR8U1qNOIBwRAQasUcOs4T + tot/QakAb/aP753p2wg2prm/pByB2S3uTcuayj6Z8OUYKQwnF6pLa9HwKOObTD6K + kRP2OlcPQwwNXzZiHs3eiVgAAoyCSc1I1PIKA64iAJXHsFsCHJzBBStrZLdL1Xcx + GeurZHg7nulEcMZ32JEShxqPsH/YqorO2RzP4XhsUMh7mEHCLMCZHphzjip5kaoi + y1Q7+Q1/P0kf7yUTCLudp+20Vm5kFcy9zLLggl7EUkru6djv5q2cbPSz0J/NnPjR + GOFMlCrJ/DjWNJN0Ss/k3rCuhQbzZGyNw1vQCc602VNpJT5N7N9H7tKaZlE89G1k + oU/RLlGTDpD/RxBX2s9oFiO4yIX5+R2nfKW36uC9f4hiYT6sRvE= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIGUTCCBDmgAwIBAgIJAOA3HGewsq2PMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV + BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE + ChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG9w0BCQEWEnJv + b3QtY2FAZml3YXJlLm9yZzAeFw0yMjA5MjExMTU5MjNaFw0zMjA5MTgxMTU5MjNa + MHcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp + bjEPMA0GA1UEChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG + 9w0BCQEWEnJvb3QtY2FAZml3YXJlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP + ADCCAgoCggIBAJvAjZJxXckYB11eSRHpQKSoHwXaBmp4S6Tn5JZ6mUy4Z7c0oINg + mcajIXZwXEU3W+rxd40OMVB2CcoYScxsTF7nrN1LIuSnYYL02yq3pqWe1JpZlAA5 + qakI1x6kx3duj8YocmdZlLDSZt699lN6+7rMdahm0Vcy9Ir7sE23oNMDgzMhTCkq + OzDfElDYRnpuH6eU3tcToAqkBAQ0qVcfmudsTuGpZ4JrrWgacaB9Ef0hENM5IAK3 + 7/rpfYDiKr+5j2VMfuUJ2WlhkiHUNt1Y9UfTrW6qLvnXjM8LjhHrzA2nB6zt9nVW + iq4K36Ci/nsEAgiJj31mvhufmqBU2Q4SXOWVf73v7QM1ObHps5XuCav1Nh/gKcRe + Qj1a/nFz+IhENVHlmdPUI2f2/5j/R11oaKeOcLIOeMdt9xzAtCaBYwlhwmgQF2/l + 8dbOugcE2PsWS01rPT735hQ+iJNNWM2791ufhPC/dEQpTP36L4JxUeQgUJfmDZCX + NEZOFEek8gwmJTySIbnE43oHWMixHtAsUFDa+TYDZtkGWGsQFTsRfh79DTcniJcu + Gm9rYsYCo54870rkzJwDc73LBIL+5mnUUd1utoI94x72FO1bm4nIKCbSUylrwCaX + 4F5K8bSyfZFUVhW1u/nVo7k5cbwviESYnfFrlO9kZIdbCkLIm5vp0RMzAgMBAAGj + gd8wgdwwHQYDVR0OBBYEFH/zXe5njfO7/uJcGXZaxZO5KWYOMIGpBgNVHSMEgaEw + gZ6AFH/zXe5njfO7/uJcGXZaxZO5KWYOoXukeTB3MQswCQYDVQQGEwJERTEPMA0G + A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTES + MBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZpd2Fy + ZS5vcmeCCQDgNxxnsLKtjzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA + A4ICAQCQiR/V4p9VDv2/61apgsUWxyRXa4HXPpuxsTWL/8Z2ztgHiHClmHt48q59 + rn3gGbrXj1sMapCawfN7n7gCJAzCOcwZrNdSiHjBkEOgBSTKoiTfMCcrhLaQP6z6 + 6pY+ZJlL5BbhkMd95gAua0VL7W3zt4nDvYB1trzoDlIZPuAYVrAm7xB4CuZVdJDW + 7QpNykH6Er58FiRFOMHP+KvPJm3nZVq6hcQ78XQf6Dco55PsZspXmBLMlTZmKKr2 + rpHHdg9ewayQqkCYiRm+Yr6G1tfkKCehKYdz3ORWVfJ+NrwOEQbRfPuDG2YdQo4+ + R7sXeYMJIEzHHXvO59yiZqPuKok839d7kkrZSqkEZXQSvSolXhqNWH3p7IuOX1/P + ph1jPFZT+RrORbInUwoScPWsK8yh+mYo9h/+QbA/vZeve0/ExrFCUj2BwHa5scnm + 1uororcEuRkFJjDMX4tJOGv9t/C3+kORSKJSgmPmSZ2XM/jLCIhfDWxlpwFNSJJQ + F69uygJdFZNlo1jl6fG5lrwWNhArnI49WLQrEmjwG/1zUQz5EiDt8GTKFGNBJNxV + kb2CZS4H8+GB2UK1nsk+Fv9Joc4CFp6LOvXSJ9m8O/9GIfqOwbl12ldN9/9Oyia5 + gty2Gjmr0kunFqqelUzoqMc7Jh/8EPPjVpK3gJUdZM4JlSHZjA== + -----END CERTIFICATE----- + +## Init scripts for Keyrock +initScript: + createUser: + enabled: true + id: one + user: + - username: "user_prime" + email: "max.prime@mymail.com" + password: "prime" + - username: "user_standard" + email: "steve.standard@mymail.com" + password: "standard" + + + diff --git a/applications/consumer-keyrock/Chart.yaml b/applications/consumer-keyrock/Chart.yaml new file mode 100644 index 0000000..ef6fed8 --- /dev/null +++ b/applications/consumer-keyrock/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: pdc-keyrock +description: Chart holder for argo-cd + +type: application +version: 0.5.0 +appVersion: "8.3.0" + +dependencies: + - name: keyrock + version: 0.5.0 + repository: https://fiware.github.io/helm-charts diff --git a/applications/consumer-keyrock/templates/create-user-cm.yaml b/applications/consumer-keyrock/templates/create-user-cm.yaml new file mode 100644 index 0000000..533e652 --- /dev/null +++ b/applications/consumer-keyrock/templates/create-user-cm.yaml @@ -0,0 +1,62 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: consumer-{{ .Values.initScript.createUser.id }}-user-cm + annotations: + "helm.sh/hook": post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "1" +data: + entrypoint.sh: |- + pip install requests + echo "Creating users..." + python /scripts/create.py + create.py: |- + import requests + from requests.exceptions import HTTPError + import sys + + def main(): + KEYROCK_HOST = {{ .Values.keyrock.host | quote }} + + # Login + login_data = { + 'name': {{ .Values.keyrock.admin.email | quote }}, + 'password': {{ .Values.keyrock.admin.password | quote }} + } + login_header = { + 'Content-Type': 'application/json' + } + login_response = requests.post(KEYROCK_HOST+'/v1/auth/tokens', json=login_data, headers=login_header) + try: + login_response.raise_for_status() + except HTTPError as e: + print(e.response.text) + sys.exit(1) + token = login_response.headers["X-Subject-Token"] + + # Create user + user_header = { + 'Content-Type': 'application/json', + 'X-Auth-token': token + } + + {{- range $u := .Values.initScript.createUser.user }} + user_data = { + 'user': { + 'username': {{ $u.username | quote }}, + 'email': {{ $u.email | quote }}, + 'password': {{ $u.password | quote }} + } + } + user_response = requests.post(KEYROCK_HOST+'/v1/users', json=user_data, headers=user_header) + try: + user_response.raise_for_status() + except HTTPError as e: + print(e.response.text) + sys.exit(1) + + {{- end }} + + if __name__ == "__main__": + main() diff --git a/applications/consumer-keyrock/templates/post-hook-user.yaml b/applications/consumer-keyrock/templates/post-hook-user.yaml new file mode 100644 index 0000000..3d75baf --- /dev/null +++ b/applications/consumer-keyrock/templates/post-hook-user.yaml @@ -0,0 +1,26 @@ +{{- if .Values.initScript.createUser.enabled -}} +apiVersion: v1 +kind: Pod +metadata: + name: consumer-user-create-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "1" +spec: + containers: + - name: consumer-keyrock-user-create + image: python:3 + command: + - /bin/sh + - /scripts/entrypoint.sh + volumeMounts: + - name: scripts + mountPath: /scripts + volumes: + - name: scripts + configMap: + name: consumer-{{ .Values.initScript.createUser.id }}-user-cm + restartPolicy: Never + +{{- end }} diff --git a/applications/consumer-keyrock/values.yaml b/applications/consumer-keyrock/values.yaml new file mode 100644 index 0000000..eed693d --- /dev/null +++ b/applications/consumer-keyrock/values.yaml @@ -0,0 +1,271 @@ +keyrock: + statefulset: + image: + repository: fiware/idm + tag: 8.3.0 + #pullPolicy: Always + pullPolicy: IfNotPresent + + db: + user: root + password: dbPassword + host: mysql + + admin: + user: admin + password: admin + email: admin@test.com + + route: + enabled: true + routes: + - tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect + + theme: + ## -- Enable theme + enabled: true + ## -- Name of the theme + name: i4trust-happypets + ## -- Size of PVCs to be created + size: 1Gi + ## Image which holds the theme files + image: i4trust/keyrock-theme-happypets:1.0.0 + ## -- specification of the image pull policy + imagePullPolicy: Always + ## Path to the source theme files inside the container + sourceTheme: /themes/i4trust-happypets + ## Path to the source image files inside the container + sourceImg: /img/i4trust-happypets + ## Optional: Path to the source favicon directory inside the container + sourceFavicon: /favicon + ## Mount path for the source theme files + mountTheme: /opt/fiware-idm/themes/i4trust-happypets + ## Mount path for the source image files + mountImg: /opt/fiware-idm/public/img/i4trust-happypets + ## Mount path for the source favicon + mountFavicon: /opt/fiware-idm/public/favicon.ico + + ## Configuration of Authorisation Registry (AR) + authorisationRegistry: + # -- Enable usage of authorisation registry + enabled: true + # -- Identifier (EORI) of AR + identifier: "EU.EORI.DECONSUMERONE" + # -- URL of AR + url: "internal" + + ## Configuration of iSHARE Satellite + satellite: + # -- Enable usage of satellite + enabled: true + # -- Identifier (EORI) of satellite + identifier: "EU.EORI.FIWARESATELLITE" + # -- URL of satellite + url: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev" + # -- Token endpoint of satellite + tokenEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/token" + # -- Parties endpoint of satellite + partiesEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/parties" + + additionalEnvVars: + - name: IDM_TITLE + value: "Happy Pets Inc. - Company Portal" + - name: IDM_DEBUG + value: "true" + - name: DEBUG + value: "*" + - name: IDM_DB_NAME + value: i4t_consumer_idm + - name: IDM_DB_SEED + value: "true" + - name: IDM_EMAIL_HOST + value: "mailgun-fiware-io.infra.svc.cluster.local" + - name: IDM_EMAIL_PORT + value: "25" + - name: IDM_EMAIL_ADDRESS + value: "happypets-keyrock@fiware.dev" + - name: IDM_SERVER_MAX_HEADER_SIZE + value: "32768" + + ## -- Configuration of local key and certificate for validation and generation of tokens + token: + # -- Enable storage of local key and certificate + enabled: true + # -- Identifier (EORI) of local organisation + identifier: "EU.EORI.DECONSUMERONE" + # -- String with private key in PEM format + key: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKAIBAAKCAgEAs4W4LDRECJQRqibcXDjznRE8speU9VKzc+8poRoSWV3LYBm6 + ySBV3Q1zy3l0Eju5rUtg3w8L9Y8lKA1RkAwyYnqPhJxAcmu9kcUtmQLYqY+aEigB + Z9dRh7HT2DyIB3znHTDx4eQ91vOFNRdQ6fwOXsapYwRSTE+S8Aed/E8qZo3XgvkJ + akVFnvOw2hv3b34eVpHZcWZmzSBdEmUln/AmdF6R5oNnyfenIoH1DTT4/D6DdNgk + GB80GFvP/vdu3DDQgtcA6GjW/0lG9EwUst8KnNXlOQn8DcZCxZSrOJ5OLVfqP2Sb + TFSD61CijLDiDOzHuIsBvSNC8E/C2r2leClsV85cRH9hXhe9OwHsmOODxV72FQpU + 17gmdFZMc3otXjPrSnc0pp1SgT2YtJLZkdRCNjnUj43ei9GPzOnb0mY/OCfHD14v + sxLfCqEiN+zh9GHenNM6dtAARkIgA/Y7yR34B3UwL01Of2EuXPfp6WXJWuwW6hIt + JkrMynKK/1Iyvmwi5NOQMiIx5nOTJklnMxHafcvQmZ5Nyzrm9L3l0r4zGoU0CKTR + JVcB+lf6ROYvruY2qtzp+mTa29Is8XMZZRz5iuwTeeG4Sn46tOyqn/aIaUtrApVC + Jy8kXfLfltMrJnWoxFOFXIv5F8TUlqgQS22SMRmOX407yVdNGhJypmvaq9UCAwEA + AQKCAgB3sQ0FM+e0THymlHhRaItMSoTMkfH3yqbpAikgR1C6kqWZMi5uEIgO9Pwi + SpzP11BJsTsqHU8c7s6YMKETyH4DWLG9eawiXaErwmpPXS11h8/ykQe240Fxlmen + AVy0mVtCBDMRJ+rvGLfUmPISv0IZgJzI7sWsKVXPgVSdN28Opz1sDnxvhTYQ72sX + UJQdmtnBYEa4q8yYsR48uIFobGZHKhJevXgCmYKuqDTpFEt5anic+8q85nkGUJiR + 5wjb+BPdWFo7mkLWPFX5ZYxbYggiXx4QdI6/5FL6hs/N1QZMhxQgJgTA1IyL5Nwr + r3dXpLrYWJ3VK+Bidtt0mgLr5bpchbDEkD0y3elcIoy6s+20gtl5sQ4/l2Kq19eP + ASlX2JDZJ1VmDKkB0MKYV/XzofxwnTYS1t4yHIwZcRmWVR6yH8X5kYGF/iKnRuvf + GfGh8Sv2R4R8uE7Gi//709z1eQusaID9zckw3LJyIEaBFv6aoeX40CJ3CE0QwgxP + rfb8+fmYzJJR8+lgwh6qXX1eLbaqOTrZwS7U+G8wtFDL8JgNqqrZx+vs5X79qPNf + rXbYEbUVYzd5A2+x03PxN6Ig+FUEeRbXsSBgw9zz0tG55QUhgYYXksNykjh7C3fI + d6v16go2HKQD2VzTaUXD7XuSXm06AEQAPQZmPATSAwNv4JL2AQKCAQEA6myUSf0t + Wq1wVNlFGyG+SPGnbtLAgX06Zcpup1o4nyeWCaPpnkcrlukv4wx5A/caa5FcLhGf + Mixt0UwAdLMXIBQuGE/W17hnRe0UpdD7+tMZtgpidQPtOcxzBDphWJbJSQ+2rktS + gLmDPPHrYEmRwhPKjCsJDl+CeZoVzdXQN8hXW2g8tb1aMWvQ5MfSF2uf3CdR7sIi + U0d+MbGj4+NVxCDGa9DcWlkKsLkHL/UhLlz8jVaqYW0SGWHD2z951syRszxtGHJf + 4ypmEDF5P5EU8M+7d3B6GVpgnjzTpcEAIejWdtY8qn3rUECMVFIn1JbQb3F6lwwd + XbFaYBxnpbXQgQKCAQEAxAuQHrIfmdTYmluBkjvKZbnsr/wpJMFK/E+d1VwPl/WV + FRaoBX0WDKZQQ8xlcPDrsgHi9O4Vz7pT54wFZC4tDLCa0XEtyxeDnyawnEE02U3B + QWQCrj39lXwvrDR/eEV7Mk+29cN7BaPxzMaYOlXnSX5q02+7M8RarEvBHnmEERqW + bq0FQjSf4GiuAaPK3R9YjLSua2MCtPGCQaXTFY5GRrSW9DD5Bg7d1MuIwhD4eVAK + Kcr7QTeoM+xmPoyq1J7gH1E5gy8XWRDoUOtevmyaFlqdHNorXhSTieYrEBhAhxVv + 9ppGrO3+4RaFNsAgRRGddVS7SbSYNfuiN1Wx87PxVQKCAQEA2VDCvzxW2SLDacTo + zVggoFp1DsWM8/11L3vTzIxUxSXbbyBmp/XuML4HSIH9hXGDKojcXVC0tbx+KXI9 + UfHb1D8g5CTPU7d89VPsujLcBQ/BXAKQd02mktg3H4pHR+qwumw4u6bT2sUfJlZW + DzLkTnguYnZatNpRiA0RfXlixvOQGAqvjQL2I66BPjUHS/LXhS1mROHvFCjIkaTN + +6p5jZGcn8JFI/Q7dsxwH0Ms+V/2N8hJtnt4NdNtz0gu2LNXtkKkF++feGWLrCNQ + 9V63fO32Kak5Z1tjCg31XklmqAjDF/NO1fZZOFI+RMTMa8VLgKRAMtpmNr78uvBa + HUJJAQKCAQAyz7Ro4E3kdxA04aaxmiGZQBkie77GMfsXbiNAW34HKrWbI6Yk1gjS + +oAvMljQbwEHwAls5hBtKKP6jYYQMw+mDFf0FNuDmfKZW1PHC/eAovCF3D/9nT+O + cQOCJJEtQQTvQ03uYN4P1jAjnQ1zgTRTDhrt9jWU8z11DqVdGq2qKTP4N4v3XuBZ + L4h6EFPR///ZaDMUzjKzZy0Vir8tBRUd2kyNueuxMEU6lA48Dl34Q1B/CIcanixQ + WOMfLyJPvWXleA3p/FiW0xUDdB24STmetZmnErzOw5KB2VAr+b0vxdShG9dZls3K + 1SVtzVoPzML82Bs6vT3+L9wZb3KR8X+JAoIBAGmKO9+3x0ey2sjbFbMx+JyPAnZH + xu2NO0UHLMd/c1rbGlh3Z0len5rozzH8gs1y/dcQ59ZF1WhQGw7udcGEi/wGd4bi + AGwQuplxUL9YlkI6YQb3HAeY2nrO2FCSsAUaIw71HEHvSjE5Sd9X9y8oN4RTjbLz + KMmErltPQmrxfQyPVLegBX14k5FH6wFo7XII8OCaP706c6wW4toRNnOY5+RSTyQU + /rAO+z9AI3Nu5Q13Bp7a+5hwfaJl/zs/lDd+Wf8XBS6dQ4epx83SeqrJwUuRmiXh + 68PLpA9vOfRoA24k20EZEmWdtF7SF76QGK80F7BYw/ZZex6yhiMlhABvS2g= + -----END RSA PRIVATE KEY----- + # -- String with certificate (chain) in PEM format + cert: | + -----BEGIN CERTIFICATE----- + MIIGZzCCBE+gAwIBAgIJALTnY4ETe5dRMA0GCSqGSIb3DQEBCwUAMGoxCzAJBgNV + BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTEWMBQGA1UE + AxQNRklXQVJFLUNBX1RMUzEhMB8GCSqGSIb3DQEJARYScm9vdC1jYUBmaXdhcmUu + b3JnMB4XDTIzMDEzMTE1MDQzOVoXDTI4MDEzMDE1MDQzOVowgbMxCzAJBgNVBAYT + AkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEdMBsGA1UECgwU + U2VydmljZSBDb25zdW1lciBPbmUxHTAbBgNVBAMMFFNlcnZpY2UtQ29uc3VtZXIt + T25lMSQwIgYJKoZIhvcNAQkBFhVhZG1pbkBjb25zdW1lcm9uZS5jb20xHjAcBgNV + BAUTFUVVLkVPUkkuREVDT05TVU1FUk9ORTCCAiIwDQYJKoZIhvcNAQEBBQADggIP + ADCCAgoCggIBALOFuCw0RAiUEaom3Fw4850RPLKXlPVSs3PvKaEaElldy2AZuskg + Vd0Nc8t5dBI7ua1LYN8PC/WPJSgNUZAMMmJ6j4ScQHJrvZHFLZkC2KmPmhIoAWfX + UYex09g8iAd85x0w8eHkPdbzhTUXUOn8Dl7GqWMEUkxPkvAHnfxPKmaN14L5CWpF + RZ7zsNob929+HlaR2XFmZs0gXRJlJZ/wJnRekeaDZ8n3pyKB9Q00+Pw+g3TYJBgf + NBhbz/73btww0ILXAOho1v9JRvRMFLLfCpzV5TkJ/A3GQsWUqzieTi1X6j9km0xU + g+tQooyw4gzsx7iLAb0jQvBPwtq9pXgpbFfOXER/YV4XvTsB7Jjjg8Ve9hUKVNe4 + JnRWTHN6LV4z60p3NKadUoE9mLSS2ZHUQjY51I+N3ovRj8zp29JmPzgnxw9eL7MS + 3wqhIjfs4fRh3pzTOnbQAEZCIAP2O8kd+Ad1MC9NTn9hLlz36ellyVrsFuoSLSZK + zMpyiv9SMr5sIuTTkDIiMeZzkyZJZzMR2n3L0JmeTcs65vS95dK+MxqFNAik0SVX + AfpX+kTmL67mNqrc6fpk2tvSLPFzGWUc+YrsE3nhuEp+OrTsqp/2iGlLawKVQicv + JF3y35bTKyZ1qMRThVyL+RfE1JaoEEttkjEZjl+NO8lXTRoScqZr2qvVAgMBAAGj + gcUwgcIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwMwYJYIZIAYb4QgEN + BCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVudCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E + FgQUuBPTtcuLpRXYEjIsQaQjfEQ1lxowHwYDVR0jBBgwFoAUJB/hBsZhiGQd1NTR + NlJwMAXbbIMwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr + BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAUapFF47uERviYMncg5mnePW3x23U + RdLL9TR2tAjdEAGG2VYH5p6aL7+Nm4EI5BOwuX5G9tzyDtRyU9DwfZuoJbdXHPVP + CQVedErtLTsiNIqTbvPcqvZaOPKN8KSjpAaZHuXwRm4fdutBpXXv8yCNtng8ePbV + d9hshJKvYWDlcZbzcPCqL0jar+nd+1514p32ecKAaETe5qrnwupLto/7yRsopmNQ + 37FuQ0Hd+CPOJWyqTVeRxeOXd5IEzE+xHjzpei0cAALYi+DyIW92yyUk5YPp6tGD + GmNdpdCKqSO1IRI/6Ndqj+qhJ7Rc67j+LA5pXZX+BW2H8/74OBw5bJYT7Vly6mfK + c0hVfgdoqU1jlgtMq/8Y1fdbxoNl53FEkW+J3CnhsxnEslm9q8K+f5Q0x1LE+nBA + 9Y9uV/9KIIGZbZDxeCUB8ulGui89nOuQx5QBeZxBrWFpy/Wb8gwrSccw1w80ob2a + VJ48MKJ9AsmbFKLP13VfSin2PpfWxYwhMm0zxFJDC/QAoO7NUyvN5YlRtJnOeyTe + Ya+MhnWEmUeJStnPcllo39OwaOuLK9cGwl6ykw49C0RM/qcaYTgtjNefxW+Rx7fu + 8FI8dWzIGB7nGDtZLLyDDnH0hr3gXWqGw5QbgABP0abtrrhrF5LAcO4dsL1QuBLg + uL2MFDn2nuLEx7c= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIFwjCCA6qgAwIBAgIBATANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJERTEP + MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FS + RTESMBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZp + d2FyZS5vcmcwHhcNMjIwOTIxMTIwNDUzWhcNMjkxMjIzMTIwNDUzWjBqMQswCQYD + VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQKEwZGSVdBUkUxFjAUBgNV + BAMUDUZJV0FSRS1DQV9UTFMxITAfBgkqhkiG9w0BCQEWEnJvb3QtY2FAZml3YXJl + Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANjtrG/NDN2PtA7l + 1fU9U42abgOyMryMRoT3DB/SlOnGcg8JeWEyha4t8znZMduwP7lMUq281rS3pEZf + R3lUBfXhC5cBUjQDLKlYdVWTVJTTqhhMLwyNrerd4RIVkx5vMgEfObFkJOjCxDR2 + +bFEHLyXwUaFFz8EAUj8kLsphHIuXv3NLSWiKWH2xYVOx1DKxwAZ+dqTueGyeOvi + QvO5r78uOG9NjwXw46boREKNSleDXpQMEG94gzgZygjdQ1tR3a/0K8QMlgBI12NO + pa6XL+an5l5iSzB/oYzZguAX0HGumMUvr4zhKiPzgiKyRrFf1mOjEUpgUV9rDH35 + MNv5cjgjFR1CdvPgveZc7zjZWT4786U8NZ6Wa/jRfiPUISykUps3zfsOq2jWNqSz + u+LSGcoXRcaL0bIjuScQkVaH3BFua4SuU75bifMaZqol/xVA4CONqXkFkihyuqw2 + eu86045w+XiPpZ1NYa+wdE9pR6RBNgb9vG8Po+43TLe0phxbB8eO5Xokpq2Qe9Hx + NbrF6sI03n/9VQXmIRcaLvtQ+k2a0sPcmMi0s1b5GCqmf13OlWRxTqPWLuKy8i8c + yiq2q/XVNpZ5UdIf47rkkI8PGLKe6Nzh/uhd0ZCn0t5Hu8nRS7hi/XCfJ+he6QRg + KCGSXITG0IwjA50gyaFo6c/9VRePAgMBAAGjZjBkMB0GA1UdDgQWBBQkH+EGxmGI + ZB3U1NE2UnAwBdtsgzAfBgNVHSMEGDAWgBR/813uZ43zu/7iXBl2WsWTuSlmDjAS + BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF + AAOCAgEAVgpKfvpk9uyb16VIWs3uksYzgwJyjGqpJ0j9FmTrg4HyrzfXLKlDX09W + 6RaEZ8dVGPugNsLTA/WXWsejWjaj8Ygk8sy5OLQ/qVO9MFEK5muco2O4Au8GjrOM + x+Y65DMUByHPHPhUhBapUzSz4ho4rpqabHYc0FIq5tmSMweNUG9rcPRMx9//anOc + 4fkw9Rkvl0oMXHBqDeluLVgfN6xuJX8pqZidgvj6P3Zg7dJqj+1RSNuVdfWwDTug + 25p/VAZqKeFY1UrdbRmREQ22tjgw9eH0+8fv4hK5gWfR8U1qNOIBwRAQasUcOs4T + tot/QakAb/aP753p2wg2prm/pByB2S3uTcuayj6Z8OUYKQwnF6pLa9HwKOObTD6K + kRP2OlcPQwwNXzZiHs3eiVgAAoyCSc1I1PIKA64iAJXHsFsCHJzBBStrZLdL1Xcx + GeurZHg7nulEcMZ32JEShxqPsH/YqorO2RzP4XhsUMh7mEHCLMCZHphzjip5kaoi + y1Q7+Q1/P0kf7yUTCLudp+20Vm5kFcy9zLLggl7EUkru6djv5q2cbPSz0J/NnPjR + GOFMlCrJ/DjWNJN0Ss/k3rCuhQbzZGyNw1vQCc602VNpJT5N7N9H7tKaZlE89G1k + oU/RLlGTDpD/RxBX2s9oFiO4yIX5+R2nfKW36uC9f4hiYT6sRvE= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIGUTCCBDmgAwIBAgIJAOA3HGewsq2PMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV + BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE + ChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG9w0BCQEWEnJv + b3QtY2FAZml3YXJlLm9yZzAeFw0yMjA5MjExMTU5MjNaFw0zMjA5MTgxMTU5MjNa + MHcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp + bjEPMA0GA1UEChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG + 9w0BCQEWEnJvb3QtY2FAZml3YXJlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP + ADCCAgoCggIBAJvAjZJxXckYB11eSRHpQKSoHwXaBmp4S6Tn5JZ6mUy4Z7c0oINg + mcajIXZwXEU3W+rxd40OMVB2CcoYScxsTF7nrN1LIuSnYYL02yq3pqWe1JpZlAA5 + qakI1x6kx3duj8YocmdZlLDSZt699lN6+7rMdahm0Vcy9Ir7sE23oNMDgzMhTCkq + OzDfElDYRnpuH6eU3tcToAqkBAQ0qVcfmudsTuGpZ4JrrWgacaB9Ef0hENM5IAK3 + 7/rpfYDiKr+5j2VMfuUJ2WlhkiHUNt1Y9UfTrW6qLvnXjM8LjhHrzA2nB6zt9nVW + iq4K36Ci/nsEAgiJj31mvhufmqBU2Q4SXOWVf73v7QM1ObHps5XuCav1Nh/gKcRe + Qj1a/nFz+IhENVHlmdPUI2f2/5j/R11oaKeOcLIOeMdt9xzAtCaBYwlhwmgQF2/l + 8dbOugcE2PsWS01rPT735hQ+iJNNWM2791ufhPC/dEQpTP36L4JxUeQgUJfmDZCX + NEZOFEek8gwmJTySIbnE43oHWMixHtAsUFDa+TYDZtkGWGsQFTsRfh79DTcniJcu + Gm9rYsYCo54870rkzJwDc73LBIL+5mnUUd1utoI94x72FO1bm4nIKCbSUylrwCaX + 4F5K8bSyfZFUVhW1u/nVo7k5cbwviESYnfFrlO9kZIdbCkLIm5vp0RMzAgMBAAGj + gd8wgdwwHQYDVR0OBBYEFH/zXe5njfO7/uJcGXZaxZO5KWYOMIGpBgNVHSMEgaEw + gZ6AFH/zXe5njfO7/uJcGXZaxZO5KWYOoXukeTB3MQswCQYDVQQGEwJERTEPMA0G + A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTES + MBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZpd2Fy + ZS5vcmeCCQDgNxxnsLKtjzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA + A4ICAQCQiR/V4p9VDv2/61apgsUWxyRXa4HXPpuxsTWL/8Z2ztgHiHClmHt48q59 + rn3gGbrXj1sMapCawfN7n7gCJAzCOcwZrNdSiHjBkEOgBSTKoiTfMCcrhLaQP6z6 + 6pY+ZJlL5BbhkMd95gAua0VL7W3zt4nDvYB1trzoDlIZPuAYVrAm7xB4CuZVdJDW + 7QpNykH6Er58FiRFOMHP+KvPJm3nZVq6hcQ78XQf6Dco55PsZspXmBLMlTZmKKr2 + rpHHdg9ewayQqkCYiRm+Yr6G1tfkKCehKYdz3ORWVfJ+NrwOEQbRfPuDG2YdQo4+ + R7sXeYMJIEzHHXvO59yiZqPuKok839d7kkrZSqkEZXQSvSolXhqNWH3p7IuOX1/P + ph1jPFZT+RrORbInUwoScPWsK8yh+mYo9h/+QbA/vZeve0/ExrFCUj2BwHa5scnm + 1uororcEuRkFJjDMX4tJOGv9t/C3+kORSKJSgmPmSZ2XM/jLCIhfDWxlpwFNSJJQ + F69uygJdFZNlo1jl6fG5lrwWNhArnI49WLQrEmjwG/1zUQz5EiDt8GTKFGNBJNxV + kb2CZS4H8+GB2UK1nsk+Fv9Joc4CFp6LOvXSJ9m8O/9GIfqOwbl12ldN9/9Oyia5 + gty2Gjmr0kunFqqelUzoqMc7Jh/8EPPjVpK3gJUdZM4JlSHZjA== + -----END CERTIFICATE----- + +## Init scripts for Keyrock +initScript: + createUser: + enabled: true + id: one + user: + - username: "consumer-operator" + email: "operator@consumer.com" + password: "operator" + + + diff --git a/applications/mysql/Chart.yaml b/applications/mysql/Chart.yaml new file mode 100644 index 0000000..0b026c5 --- /dev/null +++ b/applications/mysql/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: mongo-db +description: Chart holder for argo-cd + +type: application +version: 1.0.0 +appVersion: "5.7" + +dependencies: +- name: mysql + version: 1.0.0 + repository: https://storage.googleapis.com/t3n-helm-charts diff --git a/applications/mysql/values.yaml b/applications/mysql/values.yaml new file mode 100644 index 0000000..8d740fe --- /dev/null +++ b/applications/mysql/values.yaml @@ -0,0 +1,26 @@ +mysql: + # Values for t3n/mysql Helm Chart + # + # Chart values file: + # ref: https://github.com/t3n/helm-charts/blob/master/mysql/values.yaml + # + # Deployment on FIWARE OpenShift Cluster + # *.apps.fiware.fiware.dev + # + + image: "mysql" + imageTag: "5.7" + + ## Specify password for root user + ## + ## Default: random 10 character string + mysqlRootPassword: dbPassword + + ## Persist data to a persistent volume + persistence: + enabled: false + + ## Security context + securityContext: + enabled: false + diff --git a/certs/consumerone.ca-chain.cert.pem b/certs/consumerone.ca-chain.cert.pem new file mode 100644 index 0000000..5adce32 --- /dev/null +++ b/certs/consumerone.ca-chain.cert.pem @@ -0,0 +1,106 @@ +-----BEGIN CERTIFICATE----- +MIIGZzCCBE+gAwIBAgIJALTnY4ETe5dRMA0GCSqGSIb3DQEBCwUAMGoxCzAJBgNV +BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTEWMBQGA1UE +AxQNRklXQVJFLUNBX1RMUzEhMB8GCSqGSIb3DQEJARYScm9vdC1jYUBmaXdhcmUu +b3JnMB4XDTIzMDEzMTE1MDQzOVoXDTI4MDEzMDE1MDQzOVowgbMxCzAJBgNVBAYT +AkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEdMBsGA1UECgwU +U2VydmljZSBDb25zdW1lciBPbmUxHTAbBgNVBAMMFFNlcnZpY2UtQ29uc3VtZXIt +T25lMSQwIgYJKoZIhvcNAQkBFhVhZG1pbkBjb25zdW1lcm9uZS5jb20xHjAcBgNV +BAUTFUVVLkVPUkkuREVDT05TVU1FUk9ORTCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBALOFuCw0RAiUEaom3Fw4850RPLKXlPVSs3PvKaEaElldy2AZuskg +Vd0Nc8t5dBI7ua1LYN8PC/WPJSgNUZAMMmJ6j4ScQHJrvZHFLZkC2KmPmhIoAWfX +UYex09g8iAd85x0w8eHkPdbzhTUXUOn8Dl7GqWMEUkxPkvAHnfxPKmaN14L5CWpF +RZ7zsNob929+HlaR2XFmZs0gXRJlJZ/wJnRekeaDZ8n3pyKB9Q00+Pw+g3TYJBgf +NBhbz/73btww0ILXAOho1v9JRvRMFLLfCpzV5TkJ/A3GQsWUqzieTi1X6j9km0xU +g+tQooyw4gzsx7iLAb0jQvBPwtq9pXgpbFfOXER/YV4XvTsB7Jjjg8Ve9hUKVNe4 +JnRWTHN6LV4z60p3NKadUoE9mLSS2ZHUQjY51I+N3ovRj8zp29JmPzgnxw9eL7MS +3wqhIjfs4fRh3pzTOnbQAEZCIAP2O8kd+Ad1MC9NTn9hLlz36ellyVrsFuoSLSZK +zMpyiv9SMr5sIuTTkDIiMeZzkyZJZzMR2n3L0JmeTcs65vS95dK+MxqFNAik0SVX +AfpX+kTmL67mNqrc6fpk2tvSLPFzGWUc+YrsE3nhuEp+OrTsqp/2iGlLawKVQicv +JF3y35bTKyZ1qMRThVyL+RfE1JaoEEttkjEZjl+NO8lXTRoScqZr2qvVAgMBAAGj +gcUwgcIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwMwYJYIZIAYb4QgEN +BCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVudCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E +FgQUuBPTtcuLpRXYEjIsQaQjfEQ1lxowHwYDVR0jBBgwFoAUJB/hBsZhiGQd1NTR +NlJwMAXbbIMwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr +BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAUapFF47uERviYMncg5mnePW3x23U +RdLL9TR2tAjdEAGG2VYH5p6aL7+Nm4EI5BOwuX5G9tzyDtRyU9DwfZuoJbdXHPVP +CQVedErtLTsiNIqTbvPcqvZaOPKN8KSjpAaZHuXwRm4fdutBpXXv8yCNtng8ePbV +d9hshJKvYWDlcZbzcPCqL0jar+nd+1514p32ecKAaETe5qrnwupLto/7yRsopmNQ +37FuQ0Hd+CPOJWyqTVeRxeOXd5IEzE+xHjzpei0cAALYi+DyIW92yyUk5YPp6tGD +GmNdpdCKqSO1IRI/6Ndqj+qhJ7Rc67j+LA5pXZX+BW2H8/74OBw5bJYT7Vly6mfK +c0hVfgdoqU1jlgtMq/8Y1fdbxoNl53FEkW+J3CnhsxnEslm9q8K+f5Q0x1LE+nBA +9Y9uV/9KIIGZbZDxeCUB8ulGui89nOuQx5QBeZxBrWFpy/Wb8gwrSccw1w80ob2a +VJ48MKJ9AsmbFKLP13VfSin2PpfWxYwhMm0zxFJDC/QAoO7NUyvN5YlRtJnOeyTe +Ya+MhnWEmUeJStnPcllo39OwaOuLK9cGwl6ykw49C0RM/qcaYTgtjNefxW+Rx7fu +8FI8dWzIGB7nGDtZLLyDDnH0hr3gXWqGw5QbgABP0abtrrhrF5LAcO4dsL1QuBLg +uL2MFDn2nuLEx7c= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFwjCCA6qgAwIBAgIBATANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJERTEP +MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FS +RTESMBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZp +d2FyZS5vcmcwHhcNMjIwOTIxMTIwNDUzWhcNMjkxMjIzMTIwNDUzWjBqMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQKEwZGSVdBUkUxFjAUBgNV +BAMUDUZJV0FSRS1DQV9UTFMxITAfBgkqhkiG9w0BCQEWEnJvb3QtY2FAZml3YXJl +Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANjtrG/NDN2PtA7l +1fU9U42abgOyMryMRoT3DB/SlOnGcg8JeWEyha4t8znZMduwP7lMUq281rS3pEZf +R3lUBfXhC5cBUjQDLKlYdVWTVJTTqhhMLwyNrerd4RIVkx5vMgEfObFkJOjCxDR2 ++bFEHLyXwUaFFz8EAUj8kLsphHIuXv3NLSWiKWH2xYVOx1DKxwAZ+dqTueGyeOvi +QvO5r78uOG9NjwXw46boREKNSleDXpQMEG94gzgZygjdQ1tR3a/0K8QMlgBI12NO +pa6XL+an5l5iSzB/oYzZguAX0HGumMUvr4zhKiPzgiKyRrFf1mOjEUpgUV9rDH35 +MNv5cjgjFR1CdvPgveZc7zjZWT4786U8NZ6Wa/jRfiPUISykUps3zfsOq2jWNqSz +u+LSGcoXRcaL0bIjuScQkVaH3BFua4SuU75bifMaZqol/xVA4CONqXkFkihyuqw2 +eu86045w+XiPpZ1NYa+wdE9pR6RBNgb9vG8Po+43TLe0phxbB8eO5Xokpq2Qe9Hx +NbrF6sI03n/9VQXmIRcaLvtQ+k2a0sPcmMi0s1b5GCqmf13OlWRxTqPWLuKy8i8c +yiq2q/XVNpZ5UdIf47rkkI8PGLKe6Nzh/uhd0ZCn0t5Hu8nRS7hi/XCfJ+he6QRg +KCGSXITG0IwjA50gyaFo6c/9VRePAgMBAAGjZjBkMB0GA1UdDgQWBBQkH+EGxmGI +ZB3U1NE2UnAwBdtsgzAfBgNVHSMEGDAWgBR/813uZ43zu/7iXBl2WsWTuSlmDjAS +BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF +AAOCAgEAVgpKfvpk9uyb16VIWs3uksYzgwJyjGqpJ0j9FmTrg4HyrzfXLKlDX09W +6RaEZ8dVGPugNsLTA/WXWsejWjaj8Ygk8sy5OLQ/qVO9MFEK5muco2O4Au8GjrOM +x+Y65DMUByHPHPhUhBapUzSz4ho4rpqabHYc0FIq5tmSMweNUG9rcPRMx9//anOc +4fkw9Rkvl0oMXHBqDeluLVgfN6xuJX8pqZidgvj6P3Zg7dJqj+1RSNuVdfWwDTug +25p/VAZqKeFY1UrdbRmREQ22tjgw9eH0+8fv4hK5gWfR8U1qNOIBwRAQasUcOs4T +tot/QakAb/aP753p2wg2prm/pByB2S3uTcuayj6Z8OUYKQwnF6pLa9HwKOObTD6K +kRP2OlcPQwwNXzZiHs3eiVgAAoyCSc1I1PIKA64iAJXHsFsCHJzBBStrZLdL1Xcx +GeurZHg7nulEcMZ32JEShxqPsH/YqorO2RzP4XhsUMh7mEHCLMCZHphzjip5kaoi +y1Q7+Q1/P0kf7yUTCLudp+20Vm5kFcy9zLLggl7EUkru6djv5q2cbPSz0J/NnPjR +GOFMlCrJ/DjWNJN0Ss/k3rCuhQbzZGyNw1vQCc602VNpJT5N7N9H7tKaZlE89G1k +oU/RLlGTDpD/RxBX2s9oFiO4yIX5+R2nfKW36uC9f4hiYT6sRvE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGUTCCBDmgAwIBAgIJAOA3HGewsq2PMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV +BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE +ChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG9w0BCQEWEnJv +b3QtY2FAZml3YXJlLm9yZzAeFw0yMjA5MjExMTU5MjNaFw0zMjA5MTgxMTU5MjNa +MHcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp +bjEPMA0GA1UEChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG +9w0BCQEWEnJvb3QtY2FAZml3YXJlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAJvAjZJxXckYB11eSRHpQKSoHwXaBmp4S6Tn5JZ6mUy4Z7c0oINg +mcajIXZwXEU3W+rxd40OMVB2CcoYScxsTF7nrN1LIuSnYYL02yq3pqWe1JpZlAA5 +qakI1x6kx3duj8YocmdZlLDSZt699lN6+7rMdahm0Vcy9Ir7sE23oNMDgzMhTCkq +OzDfElDYRnpuH6eU3tcToAqkBAQ0qVcfmudsTuGpZ4JrrWgacaB9Ef0hENM5IAK3 +7/rpfYDiKr+5j2VMfuUJ2WlhkiHUNt1Y9UfTrW6qLvnXjM8LjhHrzA2nB6zt9nVW +iq4K36Ci/nsEAgiJj31mvhufmqBU2Q4SXOWVf73v7QM1ObHps5XuCav1Nh/gKcRe +Qj1a/nFz+IhENVHlmdPUI2f2/5j/R11oaKeOcLIOeMdt9xzAtCaBYwlhwmgQF2/l +8dbOugcE2PsWS01rPT735hQ+iJNNWM2791ufhPC/dEQpTP36L4JxUeQgUJfmDZCX +NEZOFEek8gwmJTySIbnE43oHWMixHtAsUFDa+TYDZtkGWGsQFTsRfh79DTcniJcu +Gm9rYsYCo54870rkzJwDc73LBIL+5mnUUd1utoI94x72FO1bm4nIKCbSUylrwCaX +4F5K8bSyfZFUVhW1u/nVo7k5cbwviESYnfFrlO9kZIdbCkLIm5vp0RMzAgMBAAGj +gd8wgdwwHQYDVR0OBBYEFH/zXe5njfO7/uJcGXZaxZO5KWYOMIGpBgNVHSMEgaEw +gZ6AFH/zXe5njfO7/uJcGXZaxZO5KWYOoXukeTB3MQswCQYDVQQGEwJERTEPMA0G +A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTES +MBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZpd2Fy +ZS5vcmeCCQDgNxxnsLKtjzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4ICAQCQiR/V4p9VDv2/61apgsUWxyRXa4HXPpuxsTWL/8Z2ztgHiHClmHt48q59 +rn3gGbrXj1sMapCawfN7n7gCJAzCOcwZrNdSiHjBkEOgBSTKoiTfMCcrhLaQP6z6 +6pY+ZJlL5BbhkMd95gAua0VL7W3zt4nDvYB1trzoDlIZPuAYVrAm7xB4CuZVdJDW +7QpNykH6Er58FiRFOMHP+KvPJm3nZVq6hcQ78XQf6Dco55PsZspXmBLMlTZmKKr2 +rpHHdg9ewayQqkCYiRm+Yr6G1tfkKCehKYdz3ORWVfJ+NrwOEQbRfPuDG2YdQo4+ +R7sXeYMJIEzHHXvO59yiZqPuKok839d7kkrZSqkEZXQSvSolXhqNWH3p7IuOX1/P +ph1jPFZT+RrORbInUwoScPWsK8yh+mYo9h/+QbA/vZeve0/ExrFCUj2BwHa5scnm +1uororcEuRkFJjDMX4tJOGv9t/C3+kORSKJSgmPmSZ2XM/jLCIhfDWxlpwFNSJJQ +F69uygJdFZNlo1jl6fG5lrwWNhArnI49WLQrEmjwG/1zUQz5EiDt8GTKFGNBJNxV +kb2CZS4H8+GB2UK1nsk+Fv9Joc4CFp6LOvXSJ9m8O/9GIfqOwbl12ldN9/9Oyia5 +gty2Gjmr0kunFqqelUzoqMc7Jh/8EPPjVpK3gJUdZM4JlSHZjA== +-----END CERTIFICATE----- diff --git a/certs/consumerone.cert.pem b/certs/consumerone.cert.pem new file mode 100644 index 0000000..5fbea5a --- /dev/null +++ b/certs/consumerone.cert.pem @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIGZzCCBE+gAwIBAgIJALTnY4ETe5dRMA0GCSqGSIb3DQEBCwUAMGoxCzAJBgNV +BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTEWMBQGA1UE +AxQNRklXQVJFLUNBX1RMUzEhMB8GCSqGSIb3DQEJARYScm9vdC1jYUBmaXdhcmUu +b3JnMB4XDTIzMDEzMTE1MDQzOVoXDTI4MDEzMDE1MDQzOVowgbMxCzAJBgNVBAYT +AkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEdMBsGA1UECgwU +U2VydmljZSBDb25zdW1lciBPbmUxHTAbBgNVBAMMFFNlcnZpY2UtQ29uc3VtZXIt +T25lMSQwIgYJKoZIhvcNAQkBFhVhZG1pbkBjb25zdW1lcm9uZS5jb20xHjAcBgNV +BAUTFUVVLkVPUkkuREVDT05TVU1FUk9ORTCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBALOFuCw0RAiUEaom3Fw4850RPLKXlPVSs3PvKaEaElldy2AZuskg +Vd0Nc8t5dBI7ua1LYN8PC/WPJSgNUZAMMmJ6j4ScQHJrvZHFLZkC2KmPmhIoAWfX +UYex09g8iAd85x0w8eHkPdbzhTUXUOn8Dl7GqWMEUkxPkvAHnfxPKmaN14L5CWpF +RZ7zsNob929+HlaR2XFmZs0gXRJlJZ/wJnRekeaDZ8n3pyKB9Q00+Pw+g3TYJBgf +NBhbz/73btww0ILXAOho1v9JRvRMFLLfCpzV5TkJ/A3GQsWUqzieTi1X6j9km0xU +g+tQooyw4gzsx7iLAb0jQvBPwtq9pXgpbFfOXER/YV4XvTsB7Jjjg8Ve9hUKVNe4 +JnRWTHN6LV4z60p3NKadUoE9mLSS2ZHUQjY51I+N3ovRj8zp29JmPzgnxw9eL7MS +3wqhIjfs4fRh3pzTOnbQAEZCIAP2O8kd+Ad1MC9NTn9hLlz36ellyVrsFuoSLSZK +zMpyiv9SMr5sIuTTkDIiMeZzkyZJZzMR2n3L0JmeTcs65vS95dK+MxqFNAik0SVX +AfpX+kTmL67mNqrc6fpk2tvSLPFzGWUc+YrsE3nhuEp+OrTsqp/2iGlLawKVQicv +JF3y35bTKyZ1qMRThVyL+RfE1JaoEEttkjEZjl+NO8lXTRoScqZr2qvVAgMBAAGj +gcUwgcIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwMwYJYIZIAYb4QgEN +BCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVudCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E +FgQUuBPTtcuLpRXYEjIsQaQjfEQ1lxowHwYDVR0jBBgwFoAUJB/hBsZhiGQd1NTR +NlJwMAXbbIMwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr +BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAUapFF47uERviYMncg5mnePW3x23U +RdLL9TR2tAjdEAGG2VYH5p6aL7+Nm4EI5BOwuX5G9tzyDtRyU9DwfZuoJbdXHPVP +CQVedErtLTsiNIqTbvPcqvZaOPKN8KSjpAaZHuXwRm4fdutBpXXv8yCNtng8ePbV +d9hshJKvYWDlcZbzcPCqL0jar+nd+1514p32ecKAaETe5qrnwupLto/7yRsopmNQ +37FuQ0Hd+CPOJWyqTVeRxeOXd5IEzE+xHjzpei0cAALYi+DyIW92yyUk5YPp6tGD +GmNdpdCKqSO1IRI/6Ndqj+qhJ7Rc67j+LA5pXZX+BW2H8/74OBw5bJYT7Vly6mfK +c0hVfgdoqU1jlgtMq/8Y1fdbxoNl53FEkW+J3CnhsxnEslm9q8K+f5Q0x1LE+nBA +9Y9uV/9KIIGZbZDxeCUB8ulGui89nOuQx5QBeZxBrWFpy/Wb8gwrSccw1w80ob2a +VJ48MKJ9AsmbFKLP13VfSin2PpfWxYwhMm0zxFJDC/QAoO7NUyvN5YlRtJnOeyTe +Ya+MhnWEmUeJStnPcllo39OwaOuLK9cGwl6ykw49C0RM/qcaYTgtjNefxW+Rx7fu +8FI8dWzIGB7nGDtZLLyDDnH0hr3gXWqGw5QbgABP0abtrrhrF5LAcO4dsL1QuBLg +uL2MFDn2nuLEx7c= +-----END CERTIFICATE----- diff --git a/certs/consumerone.key.pem b/certs/consumerone.key.pem new file mode 100644 index 0000000..062639e --- /dev/null +++ b/certs/consumerone.key.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAs4W4LDRECJQRqibcXDjznRE8speU9VKzc+8poRoSWV3LYBm6 +ySBV3Q1zy3l0Eju5rUtg3w8L9Y8lKA1RkAwyYnqPhJxAcmu9kcUtmQLYqY+aEigB +Z9dRh7HT2DyIB3znHTDx4eQ91vOFNRdQ6fwOXsapYwRSTE+S8Aed/E8qZo3XgvkJ +akVFnvOw2hv3b34eVpHZcWZmzSBdEmUln/AmdF6R5oNnyfenIoH1DTT4/D6DdNgk +GB80GFvP/vdu3DDQgtcA6GjW/0lG9EwUst8KnNXlOQn8DcZCxZSrOJ5OLVfqP2Sb +TFSD61CijLDiDOzHuIsBvSNC8E/C2r2leClsV85cRH9hXhe9OwHsmOODxV72FQpU +17gmdFZMc3otXjPrSnc0pp1SgT2YtJLZkdRCNjnUj43ei9GPzOnb0mY/OCfHD14v +sxLfCqEiN+zh9GHenNM6dtAARkIgA/Y7yR34B3UwL01Of2EuXPfp6WXJWuwW6hIt +JkrMynKK/1Iyvmwi5NOQMiIx5nOTJklnMxHafcvQmZ5Nyzrm9L3l0r4zGoU0CKTR +JVcB+lf6ROYvruY2qtzp+mTa29Is8XMZZRz5iuwTeeG4Sn46tOyqn/aIaUtrApVC +Jy8kXfLfltMrJnWoxFOFXIv5F8TUlqgQS22SMRmOX407yVdNGhJypmvaq9UCAwEA +AQKCAgB3sQ0FM+e0THymlHhRaItMSoTMkfH3yqbpAikgR1C6kqWZMi5uEIgO9Pwi +SpzP11BJsTsqHU8c7s6YMKETyH4DWLG9eawiXaErwmpPXS11h8/ykQe240Fxlmen +AVy0mVtCBDMRJ+rvGLfUmPISv0IZgJzI7sWsKVXPgVSdN28Opz1sDnxvhTYQ72sX +UJQdmtnBYEa4q8yYsR48uIFobGZHKhJevXgCmYKuqDTpFEt5anic+8q85nkGUJiR +5wjb+BPdWFo7mkLWPFX5ZYxbYggiXx4QdI6/5FL6hs/N1QZMhxQgJgTA1IyL5Nwr +r3dXpLrYWJ3VK+Bidtt0mgLr5bpchbDEkD0y3elcIoy6s+20gtl5sQ4/l2Kq19eP +ASlX2JDZJ1VmDKkB0MKYV/XzofxwnTYS1t4yHIwZcRmWVR6yH8X5kYGF/iKnRuvf +GfGh8Sv2R4R8uE7Gi//709z1eQusaID9zckw3LJyIEaBFv6aoeX40CJ3CE0QwgxP +rfb8+fmYzJJR8+lgwh6qXX1eLbaqOTrZwS7U+G8wtFDL8JgNqqrZx+vs5X79qPNf +rXbYEbUVYzd5A2+x03PxN6Ig+FUEeRbXsSBgw9zz0tG55QUhgYYXksNykjh7C3fI +d6v16go2HKQD2VzTaUXD7XuSXm06AEQAPQZmPATSAwNv4JL2AQKCAQEA6myUSf0t +Wq1wVNlFGyG+SPGnbtLAgX06Zcpup1o4nyeWCaPpnkcrlukv4wx5A/caa5FcLhGf +Mixt0UwAdLMXIBQuGE/W17hnRe0UpdD7+tMZtgpidQPtOcxzBDphWJbJSQ+2rktS +gLmDPPHrYEmRwhPKjCsJDl+CeZoVzdXQN8hXW2g8tb1aMWvQ5MfSF2uf3CdR7sIi +U0d+MbGj4+NVxCDGa9DcWlkKsLkHL/UhLlz8jVaqYW0SGWHD2z951syRszxtGHJf +4ypmEDF5P5EU8M+7d3B6GVpgnjzTpcEAIejWdtY8qn3rUECMVFIn1JbQb3F6lwwd +XbFaYBxnpbXQgQKCAQEAxAuQHrIfmdTYmluBkjvKZbnsr/wpJMFK/E+d1VwPl/WV +FRaoBX0WDKZQQ8xlcPDrsgHi9O4Vz7pT54wFZC4tDLCa0XEtyxeDnyawnEE02U3B +QWQCrj39lXwvrDR/eEV7Mk+29cN7BaPxzMaYOlXnSX5q02+7M8RarEvBHnmEERqW +bq0FQjSf4GiuAaPK3R9YjLSua2MCtPGCQaXTFY5GRrSW9DD5Bg7d1MuIwhD4eVAK +Kcr7QTeoM+xmPoyq1J7gH1E5gy8XWRDoUOtevmyaFlqdHNorXhSTieYrEBhAhxVv +9ppGrO3+4RaFNsAgRRGddVS7SbSYNfuiN1Wx87PxVQKCAQEA2VDCvzxW2SLDacTo +zVggoFp1DsWM8/11L3vTzIxUxSXbbyBmp/XuML4HSIH9hXGDKojcXVC0tbx+KXI9 +UfHb1D8g5CTPU7d89VPsujLcBQ/BXAKQd02mktg3H4pHR+qwumw4u6bT2sUfJlZW +DzLkTnguYnZatNpRiA0RfXlixvOQGAqvjQL2I66BPjUHS/LXhS1mROHvFCjIkaTN ++6p5jZGcn8JFI/Q7dsxwH0Ms+V/2N8hJtnt4NdNtz0gu2LNXtkKkF++feGWLrCNQ +9V63fO32Kak5Z1tjCg31XklmqAjDF/NO1fZZOFI+RMTMa8VLgKRAMtpmNr78uvBa +HUJJAQKCAQAyz7Ro4E3kdxA04aaxmiGZQBkie77GMfsXbiNAW34HKrWbI6Yk1gjS ++oAvMljQbwEHwAls5hBtKKP6jYYQMw+mDFf0FNuDmfKZW1PHC/eAovCF3D/9nT+O +cQOCJJEtQQTvQ03uYN4P1jAjnQ1zgTRTDhrt9jWU8z11DqVdGq2qKTP4N4v3XuBZ +L4h6EFPR///ZaDMUzjKzZy0Vir8tBRUd2kyNueuxMEU6lA48Dl34Q1B/CIcanixQ +WOMfLyJPvWXleA3p/FiW0xUDdB24STmetZmnErzOw5KB2VAr+b0vxdShG9dZls3K +1SVtzVoPzML82Bs6vT3+L9wZb3KR8X+JAoIBAGmKO9+3x0ey2sjbFbMx+JyPAnZH +xu2NO0UHLMd/c1rbGlh3Z0len5rozzH8gs1y/dcQ59ZF1WhQGw7udcGEi/wGd4bi +AGwQuplxUL9YlkI6YQb3HAeY2nrO2FCSsAUaIw71HEHvSjE5Sd9X9y8oN4RTjbLz +KMmErltPQmrxfQyPVLegBX14k5FH6wFo7XII8OCaP706c6wW4toRNnOY5+RSTyQU +/rAO+z9AI3Nu5Q13Bp7a+5hwfaJl/zs/lDd+Wf8XBS6dQ4epx83SeqrJwUuRmiXh +68PLpA9vOfRoA24k20EZEmWdtF7SF76QGK80F7BYw/ZZex6yhiMlhABvS2g= +-----END RSA PRIVATE KEY----- diff --git a/certs/root/ca-chain-bundle.cert.pem b/certs/root/ca-chain-bundle.cert.pem new file mode 100644 index 0000000..c209739 --- /dev/null +++ b/certs/root/ca-chain-bundle.cert.pem @@ -0,0 +1,69 @@ +-----BEGIN CERTIFICATE----- +MIIFwjCCA6qgAwIBAgIBATANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJERTEP +MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FS +RTESMBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZp +d2FyZS5vcmcwHhcNMjIwOTIxMTIwNDUzWhcNMjkxMjIzMTIwNDUzWjBqMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQKEwZGSVdBUkUxFjAUBgNV +BAMUDUZJV0FSRS1DQV9UTFMxITAfBgkqhkiG9w0BCQEWEnJvb3QtY2FAZml3YXJl +Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANjtrG/NDN2PtA7l +1fU9U42abgOyMryMRoT3DB/SlOnGcg8JeWEyha4t8znZMduwP7lMUq281rS3pEZf +R3lUBfXhC5cBUjQDLKlYdVWTVJTTqhhMLwyNrerd4RIVkx5vMgEfObFkJOjCxDR2 ++bFEHLyXwUaFFz8EAUj8kLsphHIuXv3NLSWiKWH2xYVOx1DKxwAZ+dqTueGyeOvi +QvO5r78uOG9NjwXw46boREKNSleDXpQMEG94gzgZygjdQ1tR3a/0K8QMlgBI12NO +pa6XL+an5l5iSzB/oYzZguAX0HGumMUvr4zhKiPzgiKyRrFf1mOjEUpgUV9rDH35 +MNv5cjgjFR1CdvPgveZc7zjZWT4786U8NZ6Wa/jRfiPUISykUps3zfsOq2jWNqSz +u+LSGcoXRcaL0bIjuScQkVaH3BFua4SuU75bifMaZqol/xVA4CONqXkFkihyuqw2 +eu86045w+XiPpZ1NYa+wdE9pR6RBNgb9vG8Po+43TLe0phxbB8eO5Xokpq2Qe9Hx +NbrF6sI03n/9VQXmIRcaLvtQ+k2a0sPcmMi0s1b5GCqmf13OlWRxTqPWLuKy8i8c +yiq2q/XVNpZ5UdIf47rkkI8PGLKe6Nzh/uhd0ZCn0t5Hu8nRS7hi/XCfJ+he6QRg +KCGSXITG0IwjA50gyaFo6c/9VRePAgMBAAGjZjBkMB0GA1UdDgQWBBQkH+EGxmGI +ZB3U1NE2UnAwBdtsgzAfBgNVHSMEGDAWgBR/813uZ43zu/7iXBl2WsWTuSlmDjAS +BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF +AAOCAgEAVgpKfvpk9uyb16VIWs3uksYzgwJyjGqpJ0j9FmTrg4HyrzfXLKlDX09W +6RaEZ8dVGPugNsLTA/WXWsejWjaj8Ygk8sy5OLQ/qVO9MFEK5muco2O4Au8GjrOM +x+Y65DMUByHPHPhUhBapUzSz4ho4rpqabHYc0FIq5tmSMweNUG9rcPRMx9//anOc +4fkw9Rkvl0oMXHBqDeluLVgfN6xuJX8pqZidgvj6P3Zg7dJqj+1RSNuVdfWwDTug +25p/VAZqKeFY1UrdbRmREQ22tjgw9eH0+8fv4hK5gWfR8U1qNOIBwRAQasUcOs4T +tot/QakAb/aP753p2wg2prm/pByB2S3uTcuayj6Z8OUYKQwnF6pLa9HwKOObTD6K +kRP2OlcPQwwNXzZiHs3eiVgAAoyCSc1I1PIKA64iAJXHsFsCHJzBBStrZLdL1Xcx +GeurZHg7nulEcMZ32JEShxqPsH/YqorO2RzP4XhsUMh7mEHCLMCZHphzjip5kaoi +y1Q7+Q1/P0kf7yUTCLudp+20Vm5kFcy9zLLggl7EUkru6djv5q2cbPSz0J/NnPjR +GOFMlCrJ/DjWNJN0Ss/k3rCuhQbzZGyNw1vQCc602VNpJT5N7N9H7tKaZlE89G1k +oU/RLlGTDpD/RxBX2s9oFiO4yIX5+R2nfKW36uC9f4hiYT6sRvE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGUTCCBDmgAwIBAgIJAOA3HGewsq2PMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV +BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE +ChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG9w0BCQEWEnJv +b3QtY2FAZml3YXJlLm9yZzAeFw0yMjA5MjExMTU5MjNaFw0zMjA5MTgxMTU5MjNa +MHcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp +bjEPMA0GA1UEChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG +9w0BCQEWEnJvb3QtY2FAZml3YXJlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAJvAjZJxXckYB11eSRHpQKSoHwXaBmp4S6Tn5JZ6mUy4Z7c0oINg +mcajIXZwXEU3W+rxd40OMVB2CcoYScxsTF7nrN1LIuSnYYL02yq3pqWe1JpZlAA5 +qakI1x6kx3duj8YocmdZlLDSZt699lN6+7rMdahm0Vcy9Ir7sE23oNMDgzMhTCkq +OzDfElDYRnpuH6eU3tcToAqkBAQ0qVcfmudsTuGpZ4JrrWgacaB9Ef0hENM5IAK3 +7/rpfYDiKr+5j2VMfuUJ2WlhkiHUNt1Y9UfTrW6qLvnXjM8LjhHrzA2nB6zt9nVW +iq4K36Ci/nsEAgiJj31mvhufmqBU2Q4SXOWVf73v7QM1ObHps5XuCav1Nh/gKcRe +Qj1a/nFz+IhENVHlmdPUI2f2/5j/R11oaKeOcLIOeMdt9xzAtCaBYwlhwmgQF2/l +8dbOugcE2PsWS01rPT735hQ+iJNNWM2791ufhPC/dEQpTP36L4JxUeQgUJfmDZCX +NEZOFEek8gwmJTySIbnE43oHWMixHtAsUFDa+TYDZtkGWGsQFTsRfh79DTcniJcu +Gm9rYsYCo54870rkzJwDc73LBIL+5mnUUd1utoI94x72FO1bm4nIKCbSUylrwCaX +4F5K8bSyfZFUVhW1u/nVo7k5cbwviESYnfFrlO9kZIdbCkLIm5vp0RMzAgMBAAGj +gd8wgdwwHQYDVR0OBBYEFH/zXe5njfO7/uJcGXZaxZO5KWYOMIGpBgNVHSMEgaEw +gZ6AFH/zXe5njfO7/uJcGXZaxZO5KWYOoXukeTB3MQswCQYDVQQGEwJERTEPMA0G +A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTES +MBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZpd2Fy +ZS5vcmeCCQDgNxxnsLKtjzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4ICAQCQiR/V4p9VDv2/61apgsUWxyRXa4HXPpuxsTWL/8Z2ztgHiHClmHt48q59 +rn3gGbrXj1sMapCawfN7n7gCJAzCOcwZrNdSiHjBkEOgBSTKoiTfMCcrhLaQP6z6 +6pY+ZJlL5BbhkMd95gAua0VL7W3zt4nDvYB1trzoDlIZPuAYVrAm7xB4CuZVdJDW +7QpNykH6Er58FiRFOMHP+KvPJm3nZVq6hcQ78XQf6Dco55PsZspXmBLMlTZmKKr2 +rpHHdg9ewayQqkCYiRm+Yr6G1tfkKCehKYdz3ORWVfJ+NrwOEQbRfPuDG2YdQo4+ +R7sXeYMJIEzHHXvO59yiZqPuKok839d7kkrZSqkEZXQSvSolXhqNWH3p7IuOX1/P +ph1jPFZT+RrORbInUwoScPWsK8yh+mYo9h/+QbA/vZeve0/ExrFCUj2BwHa5scnm +1uororcEuRkFJjDMX4tJOGv9t/C3+kORSKJSgmPmSZ2XM/jLCIhfDWxlpwFNSJJQ +F69uygJdFZNlo1jl6fG5lrwWNhArnI49WLQrEmjwG/1zUQz5EiDt8GTKFGNBJNxV +kb2CZS4H8+GB2UK1nsk+Fv9Joc4CFp6LOvXSJ9m8O/9GIfqOwbl12ldN9/9Oyia5 +gty2Gjmr0kunFqqelUzoqMc7Jh/8EPPjVpK3gJUdZM4JlSHZjA== +-----END CERTIFICATE----- diff --git a/certs/root/cacert.pem b/certs/root/cacert.pem new file mode 100644 index 0000000..8c74bfc --- /dev/null +++ b/certs/root/cacert.pem @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGUTCCBDmgAwIBAgIJAOA3HGewsq2PMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV +BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE +ChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG9w0BCQEWEnJv +b3QtY2FAZml3YXJlLm9yZzAeFw0yMjA5MjExMTU5MjNaFw0zMjA5MTgxMTU5MjNa +MHcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp +bjEPMA0GA1UEChMGRklXQVJFMRIwEAYDVQQDEwlGSVdBUkUtQ0ExITAfBgkqhkiG +9w0BCQEWEnJvb3QtY2FAZml3YXJlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAJvAjZJxXckYB11eSRHpQKSoHwXaBmp4S6Tn5JZ6mUy4Z7c0oINg +mcajIXZwXEU3W+rxd40OMVB2CcoYScxsTF7nrN1LIuSnYYL02yq3pqWe1JpZlAA5 +qakI1x6kx3duj8YocmdZlLDSZt699lN6+7rMdahm0Vcy9Ir7sE23oNMDgzMhTCkq +OzDfElDYRnpuH6eU3tcToAqkBAQ0qVcfmudsTuGpZ4JrrWgacaB9Ef0hENM5IAK3 +7/rpfYDiKr+5j2VMfuUJ2WlhkiHUNt1Y9UfTrW6qLvnXjM8LjhHrzA2nB6zt9nVW +iq4K36Ci/nsEAgiJj31mvhufmqBU2Q4SXOWVf73v7QM1ObHps5XuCav1Nh/gKcRe +Qj1a/nFz+IhENVHlmdPUI2f2/5j/R11oaKeOcLIOeMdt9xzAtCaBYwlhwmgQF2/l +8dbOugcE2PsWS01rPT735hQ+iJNNWM2791ufhPC/dEQpTP36L4JxUeQgUJfmDZCX +NEZOFEek8gwmJTySIbnE43oHWMixHtAsUFDa+TYDZtkGWGsQFTsRfh79DTcniJcu +Gm9rYsYCo54870rkzJwDc73LBIL+5mnUUd1utoI94x72FO1bm4nIKCbSUylrwCaX +4F5K8bSyfZFUVhW1u/nVo7k5cbwviESYnfFrlO9kZIdbCkLIm5vp0RMzAgMBAAGj +gd8wgdwwHQYDVR0OBBYEFH/zXe5njfO7/uJcGXZaxZO5KWYOMIGpBgNVHSMEgaEw +gZ6AFH/zXe5njfO7/uJcGXZaxZO5KWYOoXukeTB3MQswCQYDVQQGEwJERTEPMA0G +A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FSRTES +MBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZpd2Fy +ZS5vcmeCCQDgNxxnsLKtjzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4ICAQCQiR/V4p9VDv2/61apgsUWxyRXa4HXPpuxsTWL/8Z2ztgHiHClmHt48q59 +rn3gGbrXj1sMapCawfN7n7gCJAzCOcwZrNdSiHjBkEOgBSTKoiTfMCcrhLaQP6z6 +6pY+ZJlL5BbhkMd95gAua0VL7W3zt4nDvYB1trzoDlIZPuAYVrAm7xB4CuZVdJDW +7QpNykH6Er58FiRFOMHP+KvPJm3nZVq6hcQ78XQf6Dco55PsZspXmBLMlTZmKKr2 +rpHHdg9ewayQqkCYiRm+Yr6G1tfkKCehKYdz3ORWVfJ+NrwOEQbRfPuDG2YdQo4+ +R7sXeYMJIEzHHXvO59yiZqPuKok839d7kkrZSqkEZXQSvSolXhqNWH3p7IuOX1/P +ph1jPFZT+RrORbInUwoScPWsK8yh+mYo9h/+QbA/vZeve0/ExrFCUj2BwHa5scnm +1uororcEuRkFJjDMX4tJOGv9t/C3+kORSKJSgmPmSZ2XM/jLCIhfDWxlpwFNSJJQ +F69uygJdFZNlo1jl6fG5lrwWNhArnI49WLQrEmjwG/1zUQz5EiDt8GTKFGNBJNxV +kb2CZS4H8+GB2UK1nsk+Fv9Joc4CFp6LOvXSJ9m8O/9GIfqOwbl12ldN9/9Oyia5 +gty2Gjmr0kunFqqelUzoqMc7Jh/8EPPjVpK3gJUdZM4JlSHZjA== +-----END CERTIFICATE----- diff --git a/certs/root/cakey.pem b/certs/root/cakey.pem new file mode 100644 index 0000000..051f95f --- /dev/null +++ b/certs/root/cakey.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEAm8CNknFdyRgHXV5JEelApKgfBdoGanhLpOfklnqZTLhntzSg +g2CZxqMhdnBcRTdb6vF3jQ4xUHYJyhhJzGxMXues3Usi5KdhgvTbKrempZ7UmlmU +ADmpqQjXHqTHd26PxihyZ1mUsNJm3r32U3r7usx1qGbRVzL0ivuwTbeg0wODMyFM +KSo7MN8SUNhGem4fp5Te1xOgCqQEBDSpVx+a52xO4alngmutaBpxoH0R/SEQ0zkg +Arfv+ul9gOIqv7mPZUx+5QnZaWGSIdQ23Vj1R9Otbqou+deMzwuOEevMDacHrO32 +dVaKrgrfoKL+ewQCCImPfWa+G5+aoFTZDhJc5ZV/ve/tAzU5semzle4Jq/U2H+Ap +xF5CPVr+cXP4iEQ1UeWZ09QjZ/b/mP9HXWhop45wsg54x233HMC0JoFjCWHCaBAX +b+Xx1s66BwTY+xZLTWs9PvfmFD6Ik01Yzbv3W5+E8L90RClM/fovgnFR5CBQl+YN +kJc0Rk4UR6TyDCYlPJIhucTjegdYyLEe0CxQUNr5NgNm2QZYaxAVOxF+Hv0NNyeI +ly4ab2tixgKjnjzvSuTMnANzvcsEgv7madRR3W62gj3jHvYU7VubicgoJtJTKWvA +JpfgXkrxtLJ9kVRWFbW7+dWjuTlxvC+IRJid8WuU72Rkh1sKQsibm+nREzMCAwEA +AQKCAgBpV9TpJXAPYQcqKWk2ihLEy0kgRhRs0qwm/wjmlkk1UMwlZ5zg/udDKHar +itd9oTG0OFlpuB22k/+PBtpzPxRwZDXQ/s685FDZqA7MV6aJAmI9ezTU6itMPsRw +33Zh2w+3MQgfysD8z3HwWX9PezDjaQJzQgd4+OfZUN4v0nEeB5Qncu/2L7AVH+td +bspMaEtUpyYJRibKy6BDz/JxENlOiTzY+CEgXv/MF4aey7jtAf5FPq/d5taTWHUg +RNgxEKpiE1kIRJ8d3XZfFw98qnxLdmopHUXkiduc9e3DRT6gRUa1ucUmG8B0crpK +BbQlM9LEP3YjlOgj+tE0e+7Ky7S0LSnwPDPQ5kckFmTLztVpH8+RYzhtqm7yucGe +c5f+nHqzOkV9KVEcWygIOOSsOchYqbbccfgK2UTt0rYOYOWpZr70M+hug8ejgp0k +Po9oQ+sU2Sn1gJJDLLRAPmUMEum7dTV9Hl4btVtuadhhJ0UOZhqbKKjq9jFbS0hh +mgV8A5dhMkgAGmwcBTwvvDjnO6TOqzqWqcASYtZ4dRrBDAa+kY01J3fe9OGFgjZE +yLWguRTmKh99hN0P8hbYHHwv3lKyCyJqtqCQsiXRFvZtzbRq9r5df4B2FXjm5uqW +qDzfVNhdD+blqwBplvVWUVidNUjSeTzPEqJj55WmTohwOeLlUQKCAQEAzeSgYqx0 +tsD6hhLQ9Oy2KpvNBdiRlP1YxtRgm9GInqRhUCGdj7hvGcD7JNjZDoypvIazJhwv +/cXuhzuZeYqHwktjPThJHaaVuHUsxTMD+ntvEhOXaZ/Vhl2Zd4USZ+jZLax5Qxn1 +v2iXYzCuoduyyhr7nocoDTDtm25DD0p8gdUgXiRhxvKRMBv1mzo2lzOb7lRyvxzX +APTtmUz9w7Y/Maiqv7ommFnl4Grq1SLlsCrI6aWHr+mC/oaDNGeGKGmHx9fev8tw +L/Y2wY9WcZ+DxY63DLZC+8+eQ9g0KcHRVzr+FpzopYB35oZVRqFTngoZSTNCFPbv +YjNxD3O99ulm9QKCAQEAwagXJt2hHQRxrtGJIXEA/RZZWfFeM1wIsam8QzPRnTgL +8SrHYAXM+zSAcIpe+0ou8fJ2JzTo7tkEyEkVGturZlUraO+QDhU5SeuYPNT44Trt +ptNU6CcDXau6Hg7nWT59RqzBtj/veCOndpRP1UsrAA7QzhdZii87Gd5A6XjoQ8la +q/L6/oF89dKn3DFwWsTWj2AVGiLTrI7j9OAFiy+Yx1EO5v9po3u0M5CQNR+7dOH9 +XFHgisi0BIJIiq0FaI07P2sP+LJaApjPOThgu1kCWUKyB0O0Al1x9QCiviWdiMqM +mEWgSpDA0ENmaL2k4gJCdXtmF2MFhRF2kzIP25+ohwKCAQB4amMm8oecLscWTMDq +zdpIlzBUX/Hc+kLGnoUV/Hjzl13WmKJm4M4ReN0pEq33pWrL+NejzU6AFBfJ/aBo +Bg4aIy8aKeYRMlFUPSt+9bQ49aHjJ5QhUTp3SByuWySFoxgJb1rIVNF2LbyEZX9s +6Gnra9aHQ7K37Eq64cTUl5Kz+CrjBFIvIcSqJ2AAdg5hZeynebpWbY6NX7HqO64a +nWbeKzAZy8wwxDr+gmlvV+aPnqY8h/QQfPiA1bi8mGNNFVM1HNqIv3mQg2ZI1AUR +lOJjU3FZPOt2DFoagcMYPOOrKbRbE0+5I6Z8K0qKcWXPA0cAmbrnOfiNLVrNV7rd +QmpVAoIBAHBdIaHRcswtafDvb0vSD6rJrup7HBdczUaYn722cWdxv6wdEDXs57TS +D7w87UONFZQZBOlWz9jWXun/TZmZ3+euf1ORvNoPAoCbjGevgwDcekwTzu4sxM0y ++Pi72Qx1L6c0Uel3S3E/7sjk4TV3Oen8rrcF4VRGd1pZFPzixJGgYVXn1C6b32+a +3P7sSK7CC2SBcX0KvBshha7t1QmfglwT8juh8x+ChVpuBN5uHQyCm8lXUJv2PE1p +csHUBpFVcQ0pB8lbYtKi64nd5nKOAMjd5AJHDElbAuYPil4d4Twfmlg3/fuF5fpx +QRiBAQyKFxmnkeL795XwPgbGQ2FBUD0CggEAPXS2MYI4YQorwXmBy6iXIt0ZpgeX +fnnYPholuRM4ZkQrJyGpMbgU5MLgGlKDsDhRgp5SjTqVS1v8T6MOdrchkSEi/RnO +0pBuDAslEMkA07LV3GLq6on1VWeOw8tkw1O7k5/AmLNyuZEQFBeMDv8coJeAwmLP +pg1VEr+seQQPgF/qI0s0L421bro8QqHIbPJBBeKEUZ6YcOaa+I/slGOYf3Nizkr7 +p/tKu+KN2Uk6IvI84XPnk2g82DCmmdTm0ke3KIeU0+SNdZJDlTA3fUbY5UBJk8f1 +nWeY37SHixMJ9nCCKVZiH2sJ8+oGQ5+cswNsdZVwIZPpXmIzXYCQWJpuow== +-----END RSA PRIVATE KEY----- diff --git a/certs/root/intermediate.cacert.pem b/certs/root/intermediate.cacert.pem new file mode 100644 index 0000000..a0595fc --- /dev/null +++ b/certs/root/intermediate.cacert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFwjCCA6qgAwIBAgIBATANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJERTEP +MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBkZJV0FS +RTESMBAGA1UEAxMJRklXQVJFLUNBMSEwHwYJKoZIhvcNAQkBFhJyb290LWNhQGZp +d2FyZS5vcmcwHhcNMjIwOTIxMTIwNDUzWhcNMjkxMjIzMTIwNDUzWjBqMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQKEwZGSVdBUkUxFjAUBgNV +BAMUDUZJV0FSRS1DQV9UTFMxITAfBgkqhkiG9w0BCQEWEnJvb3QtY2FAZml3YXJl +Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANjtrG/NDN2PtA7l +1fU9U42abgOyMryMRoT3DB/SlOnGcg8JeWEyha4t8znZMduwP7lMUq281rS3pEZf +R3lUBfXhC5cBUjQDLKlYdVWTVJTTqhhMLwyNrerd4RIVkx5vMgEfObFkJOjCxDR2 ++bFEHLyXwUaFFz8EAUj8kLsphHIuXv3NLSWiKWH2xYVOx1DKxwAZ+dqTueGyeOvi +QvO5r78uOG9NjwXw46boREKNSleDXpQMEG94gzgZygjdQ1tR3a/0K8QMlgBI12NO +pa6XL+an5l5iSzB/oYzZguAX0HGumMUvr4zhKiPzgiKyRrFf1mOjEUpgUV9rDH35 +MNv5cjgjFR1CdvPgveZc7zjZWT4786U8NZ6Wa/jRfiPUISykUps3zfsOq2jWNqSz +u+LSGcoXRcaL0bIjuScQkVaH3BFua4SuU75bifMaZqol/xVA4CONqXkFkihyuqw2 +eu86045w+XiPpZ1NYa+wdE9pR6RBNgb9vG8Po+43TLe0phxbB8eO5Xokpq2Qe9Hx +NbrF6sI03n/9VQXmIRcaLvtQ+k2a0sPcmMi0s1b5GCqmf13OlWRxTqPWLuKy8i8c +yiq2q/XVNpZ5UdIf47rkkI8PGLKe6Nzh/uhd0ZCn0t5Hu8nRS7hi/XCfJ+he6QRg +KCGSXITG0IwjA50gyaFo6c/9VRePAgMBAAGjZjBkMB0GA1UdDgQWBBQkH+EGxmGI +ZB3U1NE2UnAwBdtsgzAfBgNVHSMEGDAWgBR/813uZ43zu/7iXBl2WsWTuSlmDjAS +BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF +AAOCAgEAVgpKfvpk9uyb16VIWs3uksYzgwJyjGqpJ0j9FmTrg4HyrzfXLKlDX09W +6RaEZ8dVGPugNsLTA/WXWsejWjaj8Ygk8sy5OLQ/qVO9MFEK5muco2O4Au8GjrOM +x+Y65DMUByHPHPhUhBapUzSz4ho4rpqabHYc0FIq5tmSMweNUG9rcPRMx9//anOc +4fkw9Rkvl0oMXHBqDeluLVgfN6xuJX8pqZidgvj6P3Zg7dJqj+1RSNuVdfWwDTug +25p/VAZqKeFY1UrdbRmREQ22tjgw9eH0+8fv4hK5gWfR8U1qNOIBwRAQasUcOs4T +tot/QakAb/aP753p2wg2prm/pByB2S3uTcuayj6Z8OUYKQwnF6pLa9HwKOObTD6K +kRP2OlcPQwwNXzZiHs3eiVgAAoyCSc1I1PIKA64iAJXHsFsCHJzBBStrZLdL1Xcx +GeurZHg7nulEcMZ32JEShxqPsH/YqorO2RzP4XhsUMh7mEHCLMCZHphzjip5kaoi +y1Q7+Q1/P0kf7yUTCLudp+20Vm5kFcy9zLLggl7EUkru6djv5q2cbPSz0J/NnPjR +GOFMlCrJ/DjWNJN0Ss/k3rCuhQbzZGyNw1vQCc602VNpJT5N7N9H7tKaZlE89G1k +oU/RLlGTDpD/RxBX2s9oFiO4yIX5+R2nfKW36uC9f4hiYT6sRvE= +-----END CERTIFICATE----- diff --git a/certs/root/intermediate.cakey.pem b/certs/root/intermediate.cakey.pem new file mode 100644 index 0000000..575cede --- /dev/null +++ b/certs/root/intermediate.cakey.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEA2O2sb80M3Y+0DuXV9T1TjZpuA7IyvIxGhPcMH9KU6cZyDwl5 +YTKFri3zOdkx27A/uUxSrbzWtLekRl9HeVQF9eELlwFSNAMsqVh1VZNUlNOqGEwv +DI2t6t3hEhWTHm8yAR85sWQk6MLENHb5sUQcvJfBRoUXPwQBSPyQuymEci5e/c0t +JaIpYfbFhU7HUMrHABn52pO54bJ46+JC87mvvy44b02PBfDjpuhEQo1KV4NelAwQ +b3iDOBnKCN1DW1Hdr/QrxAyWAEjXY06lrpcv5qfmXmJLMH+hjNmC4BfQca6YxS+v +jOEqI/OCIrJGsV/WY6MRSmBRX2sMffkw2/lyOCMVHUJ28+C95lzvONlZPjvzpTw1 +npZr+NF+I9QhLKRSmzfN+w6raNY2pLO74tIZyhdFxovRsiO5JxCRVofcEW5rhK5T +vluJ8xpmqiX/FUDgI42peQWSKHK6rDZ67zrTjnD5eI+lnU1hr7B0T2lHpEE2Bv28 +bw+j7jdMt7SmHFsHx47leiSmrZB70fE1usXqwjTef/1VBeYhFxou+1D6TZrSw9yY +yLSzVvkYKqZ/Xc6VZHFOo9Yu4rLyLxzKKrar9dU2lnlR0h/juuSQjw8Ysp7o3OH+ +6F3RkKfS3ke7ydFLuGL9cJ8n6F7pBGAoIZJchMbQjCMDnSDJoWjpz/1VF48CAwEA +AQKCAgAJZ1w3SINLQ4SBtNLum6b4l343aM0sQUR5VSBQbNeJvtGI91cssHz9DP7j +PhgcNuq8RKO85lfEY8WaS10U1GChxQy0khkXKiAQg0Yq3IUpInfYL81GVQn6CX5N +Q2QqSJW5WLouh3HWKUNKJvIyDgrU3htBzFkyoSDRIinAA0+7h2kUxYU0gXAb0A/F +9KFNTk0MIxQito6zSwJU720Jlb4Zoo5NvOX7UvL7dEwpOmjDnG1IK7G2s1m03+FT +OwxFdCoRC5uuFwGVp5K2ul0SUXmBHTwuUUKDKrU9Hty+jCm8E96JhcStbcFe55p3 +mJTZ8ZagoRwJxl0grspO17OXhZu+4L7aZp4v1dl91hsJeA62xexBRBhpNsYUKvrV +y/QCHxwQoOLN5tl8Cj3viqxKlJvmJ2xPCySrH3t8odCMXdimMSxQ6EYWzHbb+uRc +xbEdP4nFLV8YX1P9xBQVPpx8F4OqJa1653Kaz1RZKknca45fhI2hPDhyeHMSpKUu +7O9mg4Qb0XblG/hNplRGo430ee3MYwWEnIoFlEZ7I/Jch3TIt+Wq1ZAEfaOC6wvP +eavNppT+gKbA4u1+jhA+z7rQ2X84OLAGcH9HqmKn3MCIfIQgAO+N970IOYs5/1bj +nWCUeGakhnM2WlxVwmGWVurNwqJ+H8fgf9B2qk7CbnPlsEDRIQKCAQEA/4aiaedc +uqssVjdqtsGdWoRlbB+awanUpvw09ToK7neEyYtfL/1k2JZAaYIILDIHfOJMrDWt +wXt+wyyNwqfmNVhKHUMntHCCfA0Yj90ZtF61Dv+yWPDF0RTjR5OzA8SmNSwDc5hD +8j4uhHax6VbSde6A43Qab9IUdGp2URazfpYBcDB/PITergWRl7Mis7Mp4sxYsBsZ +tBSnV9rlY3Zvroye7KDaRaDEdanFa8oZn09RsowJ4HhsGS6yQnI9OJsNW3HkM4oi +pyGnptCduLWfyTDUNC0zltka99FLJQWijHRJcACVnmty7Js4Hims790uZTbI7U6X +RtEYGWDDTj9sfwKCAQEA2VS07IMdUWLcqhjkHP0yWXUW3ynPpCnFouSfad5iZemH +V4OBreVaP/LzgjLkka17HhYe0pHPkPPZBjD0hx3/oEtcCLrjYDbdlTfO2xOSD/kf +Rq5N+ucH+bKkMj0531BbXLnZ8rx/emRtvbHcFogbJka7XuJa2eQiaiRYFfJmKlUt +378cWXPAaQBkOnWGgqYKUykqFwN8bvT4gZW7eYQ2KyKqXkaAcQ4ERV7ZhE1Xbuw6 +EI5hOETh3s4hwTySi05MPByKk9b9RBr9lAnmnCqeUXp/gapsAdx6JFjlBVGD5x4s ++x8GSzHFIOd1hwEwHMCwMgXeRTWQuu9eZk2nqHYM8QKCAQA9vm6oYHuLr6j6/FEQ +8B/xq2RGiCyA92SnJPI2/1t82+x+Nus9UWF45HWUCROoej5M8vHL+vyNcCXlS3LF +woRiB3+BKqUBeN5O02tH+AkqCGh/w1F5JFTofL+eoBX1pyLyXjxHRlfExTnAUF4V +ICGi1YrXa0qoEn9W0hLc7TtaLy0RyuYz3XdhXX8cxPBxs60/XFlh1GqVlRgKpp4f +NpMt/lS4oPWdNYfDVs6ZiTA/yo7XMfeBAhg8zYfNfoVElFLZ8d9OhOZytDMqn+Y8 +p8aAewgLw5Bftv5JO42I2J+6iK7mHX4J1bTjb25T+4YKP8viMSbEEOWE+ylzmGoZ +EkJJAoIBADqWJiu38LhW4UuNaDkUXHVXJjJEsC/9/sQ5w2ujwnzcplqGHfhF4r1o +fhJ0K7/Ft3HV3rs/CWh3A+MyYUjnYljQ19+WmeL/B17Ja58NOIvLyY2hQW5Ix5Kd +gLv2W1qC7A4kH8fa3racyiSgBMeiK0d3O92JQZqJcGmSoJhR/w6cZcByYW8P0Ce+ +LkbAFeG0ZwYiC7Gmg+3ZZgBw39gTNxMLxkeh09AmSip1Nkf/HXnOfpyl9TlZAFay +1NClxo99LPnra8QM6btpV0CIJr2kk4c9cY//5BvgVqDjweFcJyWvscqEg4rTwONs +4fbh8BlgLF9fy5p2pSxviNAlUPQN1tECggEARm6l5SJrwPUW8gqOc+4ruMhhWX36 +fkGGjVdiaid1zoJdRjKi7DLQ9CwTkGEmSLRBcIC2r48S7vZ69PDAi5+4iiX75vim +4im7yhglru8/gxm+w3r3Hp2OB7dpUZ4cM8QLf+JCy5STMyTaVOGrTQqWCSFtnsZm +faGOu1aRFVPBQ4nj0RvTHq87OGpk7q2eGaTmaRQ+bEhvYKCjORCguGTgUCzmFdVG +Qdb9gg+I5quKDT8EGte1upX850/WeRT0kLSNCL0PPxq9/w3wAxlGOuWii5kVMIsy +4CpxXjNMJqhiet5dXQShbO5LoJlmtuh9e8R4Xf1m143G1VQ85EcI65wkjA== +-----END RSA PRIVATE KEY----- diff --git a/i4trust-consumer/Chart.yaml b/i4trust-consumer/Chart.yaml new file mode 100644 index 0000000..8085a85 --- /dev/null +++ b/i4trust-consumer/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v2 +name: ai-marketplace +description: Helm chart to deploy the AI-Marketplace components +type: application +version: 0.0.1 +maintainers: + - name: Stefan Wiedemann + email: stefan.wiedemann@fiware.org diff --git a/i4trust-consumer/templates/_helpers.tpl b/i4trust-consumer/templates/_helpers.tpl new file mode 100644 index 0000000..c115ec6 --- /dev/null +++ b/i4trust-consumer/templates/_helpers.tpl @@ -0,0 +1,4 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "platform" -}} +{{- end -}} diff --git a/i4trust-consumer/templates/argo-application.yaml b/i4trust-consumer/templates/argo-application.yaml new file mode 100644 index 0000000..752b4a5 --- /dev/null +++ b/i4trust-consumer/templates/argo-application.yaml @@ -0,0 +1,85 @@ +{{- if .Values.applications }} +{{- $release := .Values.release }} +{{- $source := .Values.source }} +{{- range $app := .Values.applications }} +{{- if $app.source }} +{{- $source = $app.source }} +{{- end }} +{{- if $app.enabled }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + finalizers: + - resources-finalizer.argocd.argoproj.io +{{- if or (eq $release "ci-cd") (eq $release "cluster-ops") (eq $release "pm") }} + name: {{ .name }} +{{- else }} + name: {{ $release }}-{{ .name }} +{{- end }} + labels: + destination-namespace: {{ .destination }} +{{- if .values }} +{{- if .values.fullnameOverride }} +{{- if contains .values.fullnameOverride .name }} + app.kubernetes.io/instance: {{ .values.fullnameOverride }} +{{- end }} +{{- else }} + app.kubernetes.io/instance: {{ .name }} +{{- end }} +{{- end }} +spec: + destination: + namespace: {{ .destination }} + server: {{ .cluster_api | default "https://kubernetes.default.svc" }} + project: {{ .project | default "default" }} + source: +{{- if or .helm_values .values }} + helm: +{{- if .helm_values }} + valueFiles: +{{- toYaml .helm_values | nindent 8 }} +{{- end }} +{{- if (.values) }} + values: | +{{- toYaml .values | nindent 8 }} +{{- end }} +{{- if or .releaseName .name }} + releaseName: {{ .releaseName | default .name }} +{{- end }} +{{- end }} + {{- if .source_path }} + path: {{ .source_path | default "." }} + {{- end }} + repoURL: {{ $source }} + targetRevision: {{ .source_ref | default "main" | quote }} + {{- if not .source_path }} + chart: {{ .chart_name | default .name }} + {{- end }} + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - Validate=true + ignoreDifferences: + {{- if .managedDatabase }} + # special handling in case of managed databases. They use configmaps to provide connection information and get updated by the cluster. + - group: "*" + kind: ConfigMap + jsonPointers: + - /data + {{- end }} + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + - /spec/template/spec/containers/0/image + - /spec/template/spec/containers/1/image + - group: integreatly.org + kind: GrafanaDataSource + jsonPointers: + - /spec/datasources/0/secureJsonData/httpHeaderValue1 +{{- end }} +{{- end }} +{{- end }} diff --git a/i4trust-consumer/values.yaml b/i4trust-consumer/values.yaml new file mode 100644 index 0000000..018ebe7 --- /dev/null +++ b/i4trust-consumer/values.yaml @@ -0,0 +1,51 @@ +## values to be used for deployement in PoC namespaces +## additional config file is used, since we rely on managed databases there. + +source: https://github.com/FIWARE-Ops/i4trust-consumer +release: i4t-consumer-demo +destination_namespace: &destination i4t-consumer-demo +branch: &branch main +secretsEnabled: &secretsEnabled false + +applications: + - name: mysql + enabled: true + source_path: applications/mysql + source_ref: *branch + destination: *destination + helm_values: + - values.yaml + + - name: consumer-keyrock + enabled: true + source_path: applications/consumer-keyrock + source_ref: *branch + destination: *destination + helm_values: + - values.yaml + values: + keyrock: + host: https://consumer-keyrock-0-i4t-consumer-main.apps.fiware.fiware.dev + satellite: + # Need to specify valid satellite hostname here + url: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev" + tokenEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/token" + partiesEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/parties" + + - name: consumer-keyrock-shop + enabled: true + source_path: applications/consumer-keyrock-shop + source_ref: *branch + destination: *destination + helm_values: + - values.yaml + values: + keyrock: + host: https://consumer-keyrock-shop-0-i4t-consumer-main.apps.fiware.fiware.dev + satellite: + # Need to specify valid satellite hostname here + url: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev" + tokenEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/token" + partiesEndpoint: "https://ishare-satellite-i4t-consumer-main.apps.fiware.fiware.dev/parties" + +