From 7dd3388cdc7b69c8ac30e6008165261c62070e26 Mon Sep 17 00:00:00 2001 From: sgayangi Date: Thu, 15 Feb 2024 16:30:06 +0530 Subject: [PATCH] Fix helm templating issues --- helm-charts/README.md | 10 +++--- .../config-deployer-domain-api-backend.yaml | 6 ++-- .../config-deployer/config-ds-deployment.yaml | 12 +++---- .../config-generator-domain-api-backend.yaml | 6 ++-- .../adapter/adapter-deployment.yaml | 16 +++++----- .../common-controller-deployment.yaml | 28 ++++++++--------- .../gateway-components/common-log-conf.yaml | 4 +-- .../gateway-runtime-deployment.yaml | 24 +++++++------- .../gateway-components/log-conf.yaml | 4 +-- .../ratelimiter/ratelimiter-deployment.yaml | 28 ++++++++--------- .../idp/idp-ds/idp-ds-configmap.yaml | 12 +++---- helm-charts/values.yaml | 31 +++++++++---------- helm-charts/values.yaml.template | 2 +- 13 files changed, 91 insertions(+), 92 deletions(-) diff --git a/helm-charts/README.md b/helm-charts/README.md index 2e6212ad41..1044d8ed67 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -81,7 +81,7 @@ A Helm chart for APK components | wso2.apk.dp.configdeployer.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.configdeployer.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | | wso2.apk.dp.configdeployer.deployment.image | string | `"wso2/apk-config-deployer-service:1.1.0-m2"` | Image | -| wso2.apk.dp.configdeployer.deployment.configs.authrorization | bool | `true` | Enable authorization for runtime api. | +| wso2.apk.dp.configdeployer.deployment.configs.authorization | bool | `true` | Enable authorization for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.baseUrl | string | `"https://api.am.wso2.com:9095/api/runtime"` | Baseurl for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.tls.secretName | string | `""` | TLS secret name for runtime public certificate. | | wso2.apk.dp.configdeployer.deployment.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | @@ -102,10 +102,10 @@ A Helm chart for APK components | wso2.apk.dp.adapter.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | | wso2.apk.dp.adapter.deployment.image | string | `"wso2/apk-adapter:1.1.0-m2"` | Image | | wso2.apk.dp.adapter.deployment.security.sslHostname | string | `"adapter"` | Enable security for adapter. | -| wso2.apk.dp.adapter.configs.apiNamespaces | string | `nil` | Optionally configure namespaces to watch for apis. | -| wso2.apk.dp.adapter.configs.tls.secretName | string | `""` | TLS secret name for adapter public certificate. | -| wso2.apk.dp.adapter.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | -| wso2.apk.dp.adapter.configs.tls.certFilename | string | `""` | TLS certificate file name. | +| wso2.apk.dp.adapter.deployment.configs.apiNamespaces | string | `nil` | Optionally configure namespaces to watch for apis. | +| wso2.apk.dp.adapter.deployment.configs.tls.secretName | string | `""` | TLS secret name for adapter public certificate. | +| wso2.apk.dp.adapter.deployment.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | +| wso2.apk.dp.adapter.deployment.configs.tls.certFilename | string | `""` | TLS certificate file name. | | wso2.apk.dp.adapter.logging.level | string | `"INFO"` | Optionally configure logging for adapter. LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" | | wso2.apk.dp.adapter.logging.logFile | string | `"logs/adapter.log"` | Log file name | | wso2.apk.dp.adapter.logging.logFormat | string | `"TEXT"` | Log format can be "JSON", "TEXT" | diff --git a/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml b/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml index ff1f3f28a0..ed346c7280 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml @@ -29,9 +29,9 @@ spec: allowedSANs: - {{ template "apk-helm.resource.prefix" . }}-config-ds-service.{{ .Release.Namespace }}.svc secretRef: - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - name: {{.Values.wso2.apk.dp.configdeployer.configs.tls.secretName}} - key: {{.Values.wso2.apk.dp.configdeployer.configs.tls.certFilename}} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + name: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName}} + key: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename}} {{- else }} name: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert key: tls.crt diff --git a/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml b/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml index 27d71680ba..c26a456736 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml @@ -72,15 +72,15 @@ spec: subPath: prometheus-jmx-config-configds.yml - name: config-ds-tls-volume mountPath: /home/wso2apk/config-deployer/security/config.key - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: config-ds-tls-volume mountPath: /home/wso2apk/config-deployer/security/config.pem - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -119,8 +119,8 @@ spec: name: prometheus-jmx-config-configds - name: config-ds-tls-volume secret: - {{ if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.secretName | default (printf "%s-config-ds-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{ if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName | default (printf "%s-config-ds-server-cert" (include "apk-helm.resource.prefix" .)) }} {{ else }} secretName: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert {{ end }} diff --git a/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml b/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml index 768f982f13..cfa9781f7e 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml @@ -29,9 +29,9 @@ spec: allowedSANs: - {{ template "apk-helm.resource.prefix" . }}-config-ds-service.{{ .Release.Namespace }}.svc secretRef: - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - name: {{.Values.wso2.apk.dp.configdeployer.configs.tls.secretName}} - key: {{.Values.wso2.apk.dp.configdeployer.configs.tls.certFilename}} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + name: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName}} + key: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename}} {{- else }} name: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert key: tls.crt diff --git a/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml index 7bf0a25fc6..e002369ef8 100644 --- a/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml @@ -65,22 +65,22 @@ spec: volumeMounts: - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/keystore/adapter.key - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/keystore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/truststore/adapter-ca.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -138,8 +138,8 @@ spec: volumes: - name: adapter-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.adapter.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-adapter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml index eead36fcc1..3da01567b3 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml @@ -67,22 +67,22 @@ spec: volumeMounts: - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/keystore/commoncontroller.key - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/keystore/commoncontroller.crt - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/truststore/adapter-ca.crt - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -91,15 +91,15 @@ spec: # mountPath: /home/wso2/security/truststore/enforcer.crt - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ca-ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -140,8 +140,8 @@ spec: volumes: - name: common-controller-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.commonController.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-common-controller-server-cert {{- end }} @@ -160,8 +160,8 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml index 2d0a1c7eb7..3287fa87c2 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml @@ -18,9 +18,9 @@ data: {{ end}} [commoncontroller.server] label = "ratelimiter" - {{ if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.apiNamespaces }} + {{ if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.apiNamespaces }} [commoncontroller.operator] - namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.commonController.configs.apiNamespaces}}] + namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.commonController.deployment.configs.apiNamespaces}}] {{ end}} [commoncontroller.keystore] certPath = "/home/wso2/security/keystore/commoncontroller.crt" diff --git a/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml index bf2883c1e3..17e8fdb668 100644 --- a/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml @@ -189,8 +189,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -316,8 +316,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -333,15 +333,15 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter-ca.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -381,8 +381,8 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certificatesSecret | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certificatesSecret | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} @@ -419,8 +419,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.adapter.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-adapter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml index 2fc6b24fd2..cedf817ffd 100644 --- a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml @@ -10,9 +10,9 @@ data: {{- if and .Values.wso2.apk.dp.environment .Values.wso2.apk.dp.environment.name }} environment = "{{ .Values.wso2.apk.dp.environment.name }}" {{- end }} - {{ if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.apiNamespaces }} + {{ if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.apiNamespaces }} [adapter.operator] - namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.adapter.configs.apiNamespaces}}] + namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.adapter.deployment.configs.apiNamespaces}}] {{ end}} {{if and .Values.wso2.apk.metrics .Values.wso2.apk.metrics.enabled}} [adapter.metrics] diff --git a/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml b/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml index a56500cd50..75df7a35d3 100644 --- a/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml +++ b/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml @@ -75,7 +75,7 @@ spec: - name: LIMIT_RESPONSE_HEADERS_ENABLED value: "false" - name: REDIS_TYPE - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.type }} + {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.type }} value: {{ .Values.wso2.apk.dp.redis.type }} {{ else }} value: "single" @@ -102,7 +102,7 @@ spec: - name: REDIS_TLS_CLIENT_KEY value: "/home/wso2/security/keystore/redis.key" {{ end }} - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.auth }} + {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.auth .Values.wso2.apk.dp.redis.auth.enabled}} - name: REDIS_AUTH valueFrom: secretKeyRef: @@ -161,29 +161,29 @@ spec: volumeMounts: - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/keystore/ratelimiter.key - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/keystore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter-ca.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} - name: common-controller-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.pem - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -235,16 +235,16 @@ spec: volumes: - name: ratelimiter-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} defaultMode: 420 - name: common-controller-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.commonController.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-common-controller-server-cert {{- end }} diff --git a/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml b/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml index 62c6909121..333fbf00bc 100644 --- a/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml +++ b/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml @@ -50,13 +50,13 @@ data: testQuery = "{{ .Values.idp.database.validationQuery }}" driver = "{{ .Values.idp.database.driver }}" [wso2.idp_domain_service.idpConfiguration] - hostname = "{{ .Values.idp.idpds.config.hostname }}" - loginPageURl = "{{ .Values.idp.idpds.config.loginPageURl }}" - loginErrorPageUrl = "{{ .Values.idp.idpds.config.loginErrorPageUrl }}" - loginCallBackURl = "{{ .Values.idp.idpds.config.loginCallBackURl }}" + hostname = "{{ .Values.idp.idpds.configs.hostname }}" + loginPageURl = "{{ .Values.idp.idpds.configs.loginPageURl }}" + loginErrorPageUrl = "{{ .Values.idp.idpds.configs.loginErrorPageUrl }}" + loginCallBackURl = "{{ .Values.idp.idpds.configs.loginCallBackURl }}" [wso2.idp_domain_service.idpConfiguration.tokenIssuerConfiguration] - issuer = "{{ .Values.idp.idpds.config.issuer }}" - keyId="{{ .Values.idp.idpds.config.keyId }}" + issuer = "{{ .Values.idp.idpds.configs.issuer }}" + keyId="{{ .Values.idp.idpds.configs.keyId }}" [[wso2.idp_domain_service.idpConfiguration.fileBaseApp]] clientId = "45f1c5c8-a92e-11ed-afa1-0242ac120002" clientSecret = "4fbd62ec-a92e-11ed-afa1-0242ac120002" diff --git a/helm-charts/values.yaml b/helm-charts/values.yaml index bbc801126d..703d40db49 100644 --- a/helm-charts/values.yaml +++ b/helm-charts/values.yaml @@ -17,11 +17,11 @@ wso2: subscription: imagePullSecrets: "" - + apk: webhooks: - validatingwebhookconfigurations : true - mutatingwebhookconfigurations : true + validatingwebhookconfigurations: true + mutatingwebhookconfigurations: true auth: enabled: true enableServiceAccountCreation: true @@ -114,9 +114,9 @@ wso2: image: wso2/apk-adapter:latest security: sslHostname: "adapter" -# logging: -# level: "INFO" # LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" -# logFormat: "TEXT" # Values can be "JSON", "TEXT" + # logging: + # level: "INFO" # LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" + # # logFormat: "TEXT" # Values can be "JSON", "TEXT" # configs: # apiNamespaces: # - "apk-v12" @@ -211,13 +211,13 @@ wso2: # secretName: "router-cert" # certKeyFilename: "" # certFilename: "" -# logging: -# wireLogs: -# enable: true -# accessLogs: -# enable: true -# env: -# TRAILING_ARGS: "--log-level trace" + # logging: + # wireLogs: + # enable: true + # accessLogs: + # enable: true + # env: + # TRAILING_ARGS: "--log-level trace" enforcer: resources: requests: @@ -283,7 +283,7 @@ idp: validationQuery: "SELECT 1" validationTimeout: 250 idpds: - config: + configs: issuer: "https://idp.am.wso2.com/token" keyId: "gateway_certificate_alias" hostname: "idp.am.wso2.com" @@ -341,13 +341,12 @@ gatewaySystem: enableClusterRoleCreation: true serviceAccountName: gateway-api-admission - certmanager: enabled: true enableClusterIssuer: true enableRootCa: true rootCaSecretName: "apk-root-certificate" - + postgresql: enabled: true fullnameOverride: "wso2apk-db-service" diff --git a/helm-charts/values.yaml.template b/helm-charts/values.yaml.template index aeba37526c..239be63d1d 100644 --- a/helm-charts/values.yaml.template +++ b/helm-charts/values.yaml.template @@ -174,7 +174,7 @@ wso2: image: wso2/apk-config-deployer-service:1.0.0 configs: # -- Enable authorization for runtime api. - authrorization: true + authorization: true # -- Baseurl for runtime api. baseUrl: "https://api.am.wso2.com:9095/api/runtime" tls: