diff --git a/charts/dbildungs-iam-server/templates/_dbildungs-iam-server-envs.tpl b/charts/dbildungs-iam-server/templates/_dbildungs-iam-server-envs.tpl index f848b2f9e..8ae0a3964 100644 --- a/charts/dbildungs-iam-server/templates/_dbildungs-iam-server-envs.tpl +++ b/charts/dbildungs-iam-server/templates/_dbildungs-iam-server-envs.tpl @@ -1,124 +1,94 @@ {{- define "dbildungs-iam-server-backend-envs" }} - - name: DB_SECRET - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: db-password - - name: DB_USERNAME - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: db-username - - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: db-host - - name: KC_ADMIN_SECRET - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: keycloak-adminSecret - - name: DB_CLIENT_URL - value: "postgres://$(DB_HOST)/" - - name: KC_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: keycloak-clientSecret - - name: KC_SERVICE_CLIENT_PRIVATE_JWKS - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: service-account-private-jwks - - name: FRONTEND_SESSION_SECRET - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: frontend-sessionSecret - - name: ITSLEARNING_ENABLED - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: itslearning-enabled - - name: ITSLEARNING_ENDPOINT - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: itslearning-endpoint - - name: ITSLEARNING_USERNAME - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: itslearning-username - - name: ITSLEARNING_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: itslearning-password - - name: LDAP_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: ldap-admin-password - - name: PI_BASE_URL - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: pi-base-url - - name: PI_ADMIN_USER - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: pi-admin-user - - name: PI_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: pi-admin-password - - name: PI_USER_RESOLVER - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: pi-user-resolver - - name: PI_REALM - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: pi-user-realm - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: redis-password - - name: VIDIS_BASE_URL - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-base-url - - name: VIDIS_USERNAME - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-username - - name: VIDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-password - - name: VIDIS_REGION_NAME - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-region-name - - name: VIDIS_KEYCLOAK_GROUP - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-keycloak-group - - name: VIDIS_KEYCLOAK_ROLE - valueFrom: - secretKeyRef: - name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} - key: vidis-keycloak-role +- name: DB_SECRET + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: db-password +- name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: db-username +- name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: db-host +- name: KC_ADMIN_SECRET + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: keycloak-adminSecret +- name: DB_CLIENT_URL + value: "postgres://$(DB_HOST)/" +- name: KC_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: keycloak-clientSecret +- name: KC_SERVICE_CLIENT_PRIVATE_JWKS + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: service-account-private-jwks +- name: FRONTEND_SESSION_SECRET + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: frontend-sessionSecret +- name: ITSLEARNING_ENABLED + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: itslearning-enabled +- name: ITSLEARNING_ENDPOINT + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: itslearning-endpoint +- name: ITSLEARNING_USERNAME + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: itslearning-username +- name: ITSLEARNING_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: itslearning-password +- name: LDAP_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: ldap-admin-password +- name: PI_BASE_URL + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: pi-base-url +- name: PI_ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: pi-admin-user +- name: PI_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: pi-admin-password +- name: PI_USER_RESOLVER + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: pi-user-resolver +- name: PI_REALM + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: pi-user-realm +- name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default .Values.auth.existingSecret .Values.auth.secretName }} + key: redis-password {{- end}} diff --git a/charts/dbildungs-iam-server/templates/backend-deployment.yaml b/charts/dbildungs-iam-server/templates/backend-deployment.yaml index 0c5b14b06..56a8aae53 100644 --- a/charts/dbildungs-iam-server/templates/backend-deployment.yaml +++ b/charts/dbildungs-iam-server/templates/backend-deployment.yaml @@ -45,9 +45,9 @@ spec: command: [ "node", "dist/src/console/main.js", "keycloak", "update-clients", "dev" ] env: {{- include "dbildungs-iam-server-backend-envs" . | indent 12 }} - {{- if .Values.backend.extraEnvVars }} - {{ toYaml .Values.backend.extraEnvVars | nindent 12 }} - {{- end }} + {{- if .Values.backend.extraEnvVars }} + {{ toYaml .Values.backend.extraEnvVars | nindent 12 }} + {{- end }} envFrom: - configMapRef: name: {{ template "common.names.name" . }} diff --git a/charts/dbildungs-iam-server/templates/configmap.yaml b/charts/dbildungs-iam-server/templates/configmap.yaml index 6603a8e9f..67068141c 100644 --- a/charts/dbildungs-iam-server/templates/configmap.yaml +++ b/charts/dbildungs-iam-server/templates/configmap.yaml @@ -28,3 +28,4 @@ data: ITSLEARNING_ROOT: '{{ .Values.itslearning.root }}' ITSLEARNING_ROOT_OEFFENTLICH: '{{ .Values.itslearning.rootOeffentlich }}' ITSLEARNING_ROOT_ERSATZ: '{{ .Values.itslearning.rootErsatz }}' + NODE_OPTIONS: "--max-old-space-size={{ .Values.backend.env.maxOldSpaceSize }}" diff --git a/charts/dbildungs-iam-server/values.yaml b/charts/dbildungs-iam-server/values.yaml index b175bda68..889ee89ba 100644 --- a/charts/dbildungs-iam-server/values.yaml +++ b/charts/dbildungs-iam-server/values.yaml @@ -145,6 +145,7 @@ backend: renameWaitingTimeInSeconds: 3 stepUpTimeoutInSeconds: 900 stepUpTimeoutEnabled: 'false' + maxOldSpaceSize: 3584 autoscaling: enabled: false