Merge branch 'master' into DTSPO-22727-patch-neuvector-nonprod

hmcts · Dec 11, 2024 · b8cc888 · b8cc888
2 parents b5e6b47 + 492db9b
commit b8cc888
Show file tree

Hide file tree

Showing 310 changed files with 10,705 additions and 24,365 deletions.
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -50,9 +50,6 @@ apps/darts-modernisation/ @hmcts/darts
 ### JUROR
 apps/juror/ @hmcts/juror
 
-### DATA CATALOGUE (DC)
-apps/dc/ @hmcts/data-catalogue-team
-
 ### OPAL
 apps/opal/ @hmcts/opal
 

diff --git a/apps/admin/aad-pod-identity/sbox/azure-identity-auto-cluster-01.yaml b/apps/admin/aad-pod-identity/sbox/azure-identity-auto-cluster-01.yaml
@@ -0,0 +1,6 @@
+- op: replace
+  path: /spec/resourceID
+  value: /subscriptions/a8140a9e-f1b0-481f-a4de-09e2ee23f7ab/resourcegroups/ss-sbox-01-rg/providers/Microsoft.ContainerService/managedClusters/ss-sbox-01-aks
+- op: replace
+  path: /spec/clientID
+  value: 8c44a4cc-f514-43fc-bc82-da3bdd3dfacc
diff --git a/apps/admin/sbox/01/kustomization.yaml b/apps/admin/sbox/01/kustomization.yaml
@@ -5,3 +5,9 @@ resources:
 
 patches:
 - path: ../../traefik2/sbox/01-traefik2.yaml
+- path: ../../aad-pod-identity/sbox/azure-identity-auto-cluster-01.yaml
+  target:
+    group: aadpodidentity.k8s.io
+    kind: AzureIdentity
+    name: aks-pod-identity-mi
+    version: v1
diff --git a/apps/admin/traefik-crds/kustomization.yaml b/apps/admin/traefik-crds/kustomization.yaml
@@ -1,12 +1,12 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_ingressroutetcps.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_ingressroutes.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_ingressrouteudps.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_middlewares.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_middlewaretcps.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_serverstransports.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_tlsoptions.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_tlsstores.yaml
-  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v30.0.2/traefik/crds/traefik.io_traefikservices.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_ingressroutetcps.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_ingressroutes.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_ingressrouteudps.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_middlewares.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_middlewaretcps.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_serverstransports.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_tlsoptions.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_tlsstores.yaml
+  - https://raw.githubusercontent.com/traefik/traefik-helm-chart/v33.0.0/traefik/crds/traefik.io_traefikservices.yaml
diff --git a/apps/admin/traefik2/demo/00-traefik2.yaml b/apps/admin/traefik2/demo/00-traefik2.yaml
@@ -5,20 +5,6 @@ metadata:
   namespace: admin
 spec:
   values:
-    additionalArguments:
-      - "--entryPoints.web.transport.respondingTimeouts.writeTimeout=600s"
-      - "--entryPoints.websecure.transport.respondingTimeouts.writeTimeout=600s"
-      - "--entryPoints.web.transport.respondingTimeouts.readTimeout=600s"
-      - "--entryPoints.websecure.transport.respondingTimeouts.readTimeout=600s"
-      - "--entryPoints.web.transport.respondingTimeouts.idleTimeout=600s"
-      - "--entryPoints.websecure.transport.respondingTimeouts.idleTimeout=600s"
-      - "--serversTransport.forwardingTimeouts.dialTimeout=30s"
-      - "--serversTransport.forwardingTimeouts.responseHeaderTimeout=600s"
-      - "--serversTransport.forwardingTimeouts.idleConnTimeout=600s"
-      - "--log.level=DEBUG"
-    logs:
-      general:
-        level: DEBUG
     ports:
       traefik:
         expose:

diff --git a/apps/admin/traefik2/traefik2.yaml b/apps/admin/traefik2/traefik2.yaml
@@ -9,7 +9,7 @@ spec:
     spec:
       chart: traefik
       # update the crd version in traefik-crds when updating this
-      version: 30.0.2
+      version: 33.0.0
       sourceRef:
         kind: HelmRepository
         name: traefik

diff --git a/apps/azure-devops/azure-devops-agent-keda/azure-devops-agent.yaml b/apps/azure-devops/azure-devops-agent-keda/azure-devops-agent.yaml
@@ -35,7 +35,7 @@ spec:
   chart:
     spec:
       chart: function
-      version: 2.5.2
+      version: 2.5.3
       sourceRef:
         kind: HelmRepository
         name: hmctspublic

diff --git a/apps/azureserviceoperator-system/aso/kustomization.yaml b/apps/azureserviceoperator-system/aso/kustomization.yaml
@@ -1,7 +1,7 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://github.com/Azure/azure-service-operator/releases/download/v2.2.0/azureserviceoperator_v2.2.0.yaml
+  - https://github.com/Azure/azure-service-operator/releases/download/v2.10.0/azureserviceoperator_v2.10.0.yaml
 patches:
   - patch: |-
       - op: add
@@ -13,6 +13,9 @@ patches:
       - op: replace
         path: /spec/template/spec/nodeSelector
         value:
-          kubernetes.azure.com/agentpool: linux
+          kubernetes.azure.com/agentpool: system
     target:
-      kind: Deployment
+      kind: Deployment
+  - target:
+      kind: Deployment
+    path: toleration_patch.yaml
diff --git a/apps/azureserviceoperator-system/aso/toleration_patch.yaml b/apps/azureserviceoperator-system/aso/toleration_patch.yaml
@@ -0,0 +1,12 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: azureserviceoperator-controller-manager
+spec:
+  template:
+    spec:
+      tolerations:
+        - effect: NoSchedule
+          key: CriticalAddonsOnly
+          operator: Equal
+          value: "true"
diff --git a/apps/azureserviceoperator-system/cert-manager/kustomization.yaml b/apps/azureserviceoperator-system/cert-manager/kustomization.yaml
@@ -1,4 +1,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://github.com/jetstack/cert-manager/releases/download/v1.12.1/cert-manager.yaml
+  - https://github.com/jetstack/cert-manager/releases/download/v1.14.4/cert-manager.yaml
diff --git a/apps/azureserviceoperator-system/dev/base/aso-controller-settings.yaml b/apps/azureserviceoperator-system/dev/base/aso-controller-settings.yaml
@@ -6,6 +6,8 @@ data:
   AZURE_SUBSCRIPTION_ID: NzRkYWNkNGYtYTI0OC00NWJiLWEyZjAtYWY3MDBkYzRjZjY4
   AZURE_TENANT_ID: NTMxZmY5NmQtMGFlOS00NjJhLThkMmQtYmVjN2MwYjQyMDgy
   USE_WORKLOAD_IDENTITY_AUTH: dHJ1ZQ==
+  AZURE_SYNC_PERIOD: MTJo
+  MAX_CONCURRENT_RECONCILES: Mw==
 kind: Secret
 metadata:
   name: aso-controller-settings

diff --git a/apps/azureserviceoperator-system/resources/flexibleserver-postgres-config.yaml b/apps/azureserviceoperator-system/resources/flexibleserver-postgres-config.yaml
@@ -1,4 +1,4 @@
-apiVersion: dbforpostgresql.azure.com/v1api20210601
+apiVersion: dbforpostgresql.azure.com/v1api20230601preview
 kind: FlexibleServersConfiguration
 metadata:
   name: maxconnections

diff --git a/apps/azureserviceoperator-system/resources/flexibleserver-postgres.yaml b/apps/azureserviceoperator-system/resources/flexibleserver-postgres.yaml
@@ -1,4 +1,4 @@
-apiVersion: dbforpostgresql.azure.com/v1api20210601
+apiVersion: dbforpostgresql.azure.com/v1api20230601preview
 kind: FlexibleServer
 metadata:
   name: ${NAMESPACE}-${ENVIRONMENT}

diff --git a/apps/azureserviceoperator-system/resources/resource-group.yaml b/apps/azureserviceoperator-system/resources/resource-group.yaml
@@ -1,4 +1,4 @@
-apiVersion: resources.azure.com/v1beta20200601
+apiVersion: resources.azure.com/v1api20200601
 kind: ResourceGroup
 metadata:
   name: ${NAMESPACE}-aso-${ENVIRONMENT}-rg

diff --git a/apps/azureserviceoperator-system/sbox/base/kustomization.yaml b/apps/azureserviceoperator-system/sbox/base/kustomization.yaml
@@ -1,5 +1,23 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../base
-  - aso-controller-settings.yaml
+  - aso-controller-settings.yaml
+  - https://github.com/Azure/azure-service-operator/releases/download/v2.10.0/azureserviceoperator_v2.10.0.yaml
+  - https://github.com/jetstack/cert-manager/releases/download/v1.14.4/cert-manager.yaml
+patches:
+  - patch: |-
+      - op: add
+        path: /spec/template/spec/containers/0/args/-
+        value: --crd-pattern=managedidentity.azure.com/*;servicebus.azure.com/*;resources.azure.com/*;managedidentity.azure.com/*;storage.azure.com/*;dbforpostgresql.azure.com/*;documentdb.azure.com/*
+    target:
+      kind: Deployment
+  - patch: |-
+      - op: replace
+        path: /spec/template/spec/nodeSelector
+        value:
+          kubernetes.azure.com/agentpool: system
+    target:
+      kind: Deployment
+  - target:
+      kind: Deployment
+    path: toleration_patch.yaml
diff --git a/apps/dc/base/kustomize.yaml → ...eoperator-system/sbox/base/kustomize.yaml b/apps/dc/base/kustomize.yaml → ...eoperator-system/sbox/base/kustomize.yaml
@@ -1,12 +1,11 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: dc
+  name: aso
   namespace: flux-system
 spec:
-  path: ./apps/dc/${ENVIRONMENT}/${CLUSTER}
+  path: ./apps/azureserviceoperator-system/${ENVIRONMENT}/${CLUSTER}
   postBuild:
     substitute:
-      NAMESPACE: "dc"
+      NAMESPACE: "azureserviceoperator-system"
       TEAM_NOTIFICATION_CHANNEL: "${ENV_MONITOR_CHANNEL}"
-      WI_NAME: dc-purview-shir
diff --git a/apps/azureserviceoperator-system/sbox/base/toleration_patch.yaml b/apps/azureserviceoperator-system/sbox/base/toleration_patch.yaml
@@ -0,0 +1,12 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: azureserviceoperator-controller-manager
+spec:
+  template:
+    spec:
+      tolerations:
+        - effect: NoSchedule
+          key: CriticalAddonsOnly
+          operator: Equal
+          value: "true"
diff --git a/apps/base/workload-identity/workload-identity-federated-credential.yaml b/apps/base/workload-identity/workload-identity-federated-credential.yaml
@@ -1,4 +1,4 @@
-apiVersion: managedidentity.azure.com/v1beta20220131preview
+apiVersion: managedidentity.azure.com/v1api20220131preview
 kind: FederatedIdentityCredential
 metadata:
   name: ${WI_NAME}-${WI_CLUSTER}-fic

diff --git a/apps/base/workload-identity/workload-identity-rg.yaml b/apps/base/workload-identity/workload-identity-rg.yaml
@@ -1,4 +1,4 @@
-apiVersion: resources.azure.com/v1beta20200601
+apiVersion: resources.azure.com/v1api20200601
 kind: ResourceGroup
 metadata:
   name: managed-identities-${WI_ENVIRONMENT}-rg

diff --git a/apps/base/workload-identity/workload-identity-ua-identity.yaml b/apps/base/workload-identity/workload-identity-ua-identity.yaml
@@ -1,4 +1,4 @@
-apiVersion: managedidentity.azure.com/v1beta20181130
+apiVersion: managedidentity.azure.com/v1api20181130
 kind: UserAssignedIdentity
 metadata:
   name: ${WI_NAME}-${WI_ENVIRONMENT}-mi

diff --git a/apps/darts-modernisation/automation/kustomization.yaml b/apps/darts-modernisation/automation/kustomization.yaml
@@ -11,8 +11,6 @@ resources:
   - ../darts-gateway/image-policy.yaml
   - ../darts-stub-services/image-repo.yaml
   - ../darts-stub-services/image-policy.yaml
-  - ../darts-migration/image-policy.yaml
-  - ../darts-migration/image-repo.yaml
   - ../darts-proxy/image-repo.yaml
   - ../darts-proxy/image-policy.yaml
   - ../darts-ucf-test-harness/image-repo.yaml

diff --git a/apps/darts-modernisation/base/kustomization.yaml b/apps/darts-modernisation/base/kustomization.yaml
@@ -5,7 +5,6 @@ resources:
   - ../identity/identity.yaml
   - ../darts-api/darts-api.yaml
   - ../darts-ucf-test-harness/darts-ucf-test-harness.yaml
-  - ../darts-migration/darts-api-migration.yaml
   - ../darts-automated-tasks/darts-automated-tasks.yaml
   - ../darts-portal/darts-portal.yaml
   - ../darts-gateway/darts-gateway.yaml

diff --git a/apps/darts-modernisation/darts-api/darts-api.yaml b/apps/darts-modernisation/darts-api/darts-api.yaml
@@ -16,11 +16,19 @@ spec:
   values:
     java:
       replicas: 2
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       disableTraefikTls: true
-      memoryRequests: '2G'
-      memoryLimits: '3G'
+      memoryRequests: '3G'
+      memoryLimits: '4G'
+      cpuRequests: '2000m'
+      cpuLimits: '3000m'
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       memoryRequests: '2G'
       memoryLimits: '3G'
+    darts-portal:
+      enabled: false
+      ingressHost: darts-portal-nodejs.{{ .Values.global.environment }}.apps.hmcts.net
+      replicas: 0
+      autoscaling:
+        enabled: false
diff --git a/apps/darts-modernisation/darts-api/demo.yaml b/apps/darts-modernisation/darts-api/demo.yaml
@@ -16,7 +16,13 @@ spec:
         APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: ALL
         ARM_URL: https://www.test.court-tribunal-records-archive.service.justice.gov.uk
         FEIGN_LOG_LEVEL: full
+        CASE_EXPIRY_DELETION_ENABLED: false
+        MANUAL_DELETION_ENABLED: false
+        EVENT_OBFUSCATION_ENABLED: false
+        PROCESS_E2E_ARM_RPO: true
+        ARM_RPO_DURATION: 24h
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: false
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       environment:
         ARM_URL: https://www.test.court-tribunal-records-archive.service.justice.gov.uk
diff --git a/apps/darts-modernisation/darts-api/ithc.yaml b/apps/darts-modernisation/darts-api/ithc.yaml
@@ -14,4 +14,9 @@ spec:
         DARTS_LOG_LEVEL: DEBUG
         ACTIVE_DIRECTORY_B2C_BASE_URI: https://hmctsithcextid.b2clogin.com
         ACTIVE_DIRECTORY_B2C_AUTH_URI: https://hmctsithcextid.b2clogin.com/hmctsithcextid.onmicrosoft.com
-        ARM_URL: http://darts-stub-services.ithc.platform.hmcts.net
+        ARM_URL: http://darts-stub-services.ithc.platform.hmcts.net
+        CASE_EXPIRY_DELETION_ENABLED: false
+        MANUAL_DELETION_ENABLED: false
+        EVENT_OBFUSCATION_ENABLED: false
+        PROCESS_E2E_ARM_RPO: false
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: true
diff --git a/apps/darts-modernisation/darts-api/prod.yaml b/apps/darts-modernisation/darts-api/prod.yaml
@@ -18,9 +18,16 @@ spec:
         ACTIVE_DIRECTORY_B2C_AUTH_URI: https://hmctsprodextid.b2clogin.com/hmctsprodextid.onmicrosoft.com
         ARM_URL: https://www.court-tribunal-records-archive.service.justice.gov.uk
         MODERNISED_DARTS_START_DATE: '2099-01-01' # MODERNISED_DARTS_START_DATE to be updated before go-live
+        CASE_EXPIRY_DELETION_ENABLED: false
+        MANUAL_DELETION_ENABLED: false
+        EVENT_OBFUSCATION_ENABLED: false
+        DARTS_API_DB_POOL_SIZE: 200
+        PROCESS_E2E_ARM_RPO: false
+        ARM_RPO_DURATION: 24h
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: false
       pdb:
         enabled: false
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       environment:
         ARM_URL: https://www.court-tribunal-records-archive.service.justice.gov.uk
diff --git a/apps/darts-modernisation/darts-api/stg.yaml b/apps/darts-modernisation/darts-api/stg.yaml
@@ -16,7 +16,12 @@ spec:
         ACTIVE_DIRECTORY_B2C_BASE_URI: https://hmctsstgextid.b2clogin.com
         ACTIVE_DIRECTORY_B2C_AUTH_URI: https://hmctsstgextid.b2clogin.com/hmctsstgextid.onmicrosoft.com
         ARM_URL: http://darts-stub-services.staging.platform.hmcts.net
+        CASE_EXPIRY_DELETION_ENABLED: true
+        MANUAL_DELETION_ENABLED: true
+        EVENT_OBFUSCATION_ENABLED: true
+        PROCESS_E2E_ARM_RPO: true
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: true
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       environment:
         ARM_URL: http://darts-stub-services.staging.platform.hmcts.net
diff --git a/apps/darts-modernisation/darts-api/test.yaml b/apps/darts-modernisation/darts-api/test.yaml
@@ -15,5 +15,12 @@ spec:
         ACTIVE_DIRECTORY_B2C_AUTH_URI: https://hmctstestextid.b2clogin.com/hmctstestextid.onmicrosoft.com
         APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: ALL
         ARM_URL: http://darts-stub-services.test.platform.hmcts.net
+        CASE_EXPIRY_DELETION_ENABLED: false
+        MANUAL_DELETION_ENABLED: false
+        EVENT_OBFUSCATION_ENABLED: false
+        DARTS_API_DB_POOL_SIZE: 200
+        PROCESS_E2E_ARM_RPO: false
+        MODERNISED_DARTS_START_DATE: '2024-10-01'
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: true
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
diff --git a/apps/darts-modernisation/darts-automated-tasks/darts-automated-tasks.yaml b/apps/darts-modernisation/darts-automated-tasks/darts-automated-tasks.yaml
@@ -16,7 +16,7 @@ spec:
   values:
     java:
       ingressHost: darts-automated-tasks.{{ .Values.global.environment }}.platform.hmcts.net
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       disableTraefikTls: true
       memoryRequests: '3G'
       memoryLimits: '4G'
@@ -29,11 +29,15 @@ spec:
         NOTIFICATION_SCHEDULER_ENABLED: false
         NOTIFICATION_SCHEDULER_CRON: '-'
     function:
-      image: sdshmctspublic.azurecr.io/darts/api:prod-9ee7eec-20240829073230 # {"$imagepolicy": "flux-system:darts-api"}
+      image: sdshmctspublic.azurecr.io/darts/api:prod-7111cc6-20241211102924 # {"$imagepolicy": "flux-system:darts-api"}
       minReplicaCount: 0
       maxReplicaCount: 0
-      triggers:
-      memoryRequests: 2Gi
-      cpuRequests: 1
-      memoryLimits: 4Gi
-      cpuLimits: 2
+      # only poll every 24 hours, to prevent DB sessions
+      # it is set to 0 max replicas anyway
+      pollingInterval: 86400
+    darts-portal:
+      enabled: false
+      ingressHost: darts-portal-nodejs.{{ .Values.global.environment }}.apps.hmcts.net
+      replicas: 0
+      autoscaling:
+        enabled: false
diff --git a/apps/darts-modernisation/darts-automated-tasks/demo.yaml b/apps/darts-modernisation/darts-automated-tasks/demo.yaml
@@ -12,4 +12,7 @@ spec:
         DARTS_PORTAL_URL: https://darts.demo.apps.hmcts.net
         DARTS_LOG_LEVEL: DEBUG
         ARM_URL: https://www.test.court-tribunal-records-archive.service.justice.gov.uk
-        FEIGN_LOG_LEVEL: full
+        FEIGN_LOG_LEVEL: full
+        PROCESS_E2E_ARM_RPO: true
+        ARM_RPO_DURATION: 24h
+        IS_MOCK_ARM_RPO_DOWNLOAD_CSV: false