diff --git a/helm-charts/README.md b/helm-charts/README.md index 2e7b887ce..268a8a0ca 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -1,6 +1,6 @@ # apk-helm -![Version: 1.1.0-rc](https://img.shields.io/badge/Version-1.1.0--rc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) +![Version: 1.1.0-rc2](https://img.shields.io/badge/Version-1.1.0--rc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) A Helm chart for APK components @@ -89,7 +89,7 @@ A Helm chart for APK components | wso2.apk.dp.configdeployer.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.configdeployer.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.configdeployer.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.configdeployer.deployment.image | string | `"wso2/apk-config-deployer-service:1.1.0-beta"` | Image | +| wso2.apk.dp.configdeployer.deployment.image | string | `"wso2/apk-config-deployer-service:1.1.0-rc2"` | Image | | wso2.apk.dp.configdeployer.deployment.configs.authorization | bool | `true` | Enable authorization for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.baseUrl | string | `"https://api.am.wso2.com:9095/api/runtime"` | Baseurl for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.tls.secretName | string | `""` | TLS secret name for runtime public certificate. | @@ -109,7 +109,7 @@ A Helm chart for APK components | wso2.apk.dp.adapter.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.adapter.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.adapter.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.adapter.deployment.image | string | `"wso2/apk-adapter:1.1.0-beta"` | Image | +| wso2.apk.dp.adapter.deployment.image | string | `"wso2/apk-adapter:1.1.0-rc2"` | Image | | wso2.apk.dp.adapter.deployment.security.sslHostname | string | `"adapter"` | Enable security for adapter. | | wso2.apk.dp.adapter.deployment.affinity | object | `{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["adapter"]}]}}}]}}` | Configure Affinity for the deployment. | | wso2.apk.dp.adapter.deployment.nodeSelector | object | `{}` | Configure Node Selector for the deployment. | @@ -133,7 +133,7 @@ A Helm chart for APK components | wso2.apk.dp.commonController.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.commonController.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.commonController.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.commonController.deployment.image | string | `"wso2/apk-common-controller:1.1.0-beta"` | Image | +| wso2.apk.dp.commonController.deployment.image | string | `"wso2/apk-common-controller:1.1.0-rc2"` | Image | | wso2.apk.dp.commonController.deployment.security.sslHostname | string | `"commoncontroller"` | hostname for the common controller | | wso2.apk.dp.commonController.deployment.configs.apiNamespaces | list | `["apk-v12"]` | Optionally configure namespaces to watch for apis,ratelimitpolicies,etc. | | wso2.apk.dp.commonController.deployment.affinity | object | `{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["common-controller"]}]}}}]}}` | Configure Affinity for the deployment. | @@ -175,7 +175,7 @@ A Helm chart for APK components | wso2.apk.dp.ratelimiter.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.ratelimiter.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.ratelimiter.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.ratelimiter.deployment.image | string | `"wso2/apk-ratelimiter:1.1.0-beta"` | Image | +| wso2.apk.dp.ratelimiter.deployment.image | string | `"wso2/apk-ratelimiter:1.1.0-rc2"` | Image | | wso2.apk.dp.ratelimiter.deployment.security.sslHostname | string | `"ratelimiter"` | hostname for the rate limiter | | wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName | string | `"ratelimiter-cert"` | TLS secret name for rate limiter public certificate. | | wso2.apk.dp.ratelimiter.deployment.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | @@ -199,7 +199,7 @@ A Helm chart for APK components | wso2.apk.dp.gatewayRuntime.deployment.router.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | | wso2.apk.dp.gatewayRuntime.deployment.router.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.gatewayRuntime.deployment.router.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.gatewayRuntime.deployment.router.image | string | `"wso2/apk-router:1.1.0-beta"` | Image | +| wso2.apk.dp.gatewayRuntime.deployment.router.image | string | `"wso2/apk-router:1.1.0-rc2"` | Image | | wso2.apk.dp.gatewayRuntime.deployment.router.configs.enforcerResponseTimeoutInSeconds | int | `20` | The timeout for response coming from enforcer to route per API request | | wso2.apk.dp.gatewayRuntime.deployment.router.configs.useRemoteAddress | bool | `false` | If configured true, router appends the immediate downstream ip address to the x-forward-for header | | wso2.apk.dp.gatewayRuntime.deployment.router.configs.systemHost | string | `"localhost"` | System hostname for system API resources (eg: /testkey and /health) | @@ -227,7 +227,7 @@ A Helm chart for APK components | wso2.apk.dp.gatewayRuntime.deployment.enforcer.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | | wso2.apk.dp.gatewayRuntime.deployment.enforcer.strategy | string | `"RollingUpdate"` | Deployment strategy | | wso2.apk.dp.gatewayRuntime.deployment.enforcer.imagePullPolicy | string | `"Always"` | Image pull policy | -| wso2.apk.dp.gatewayRuntime.deployment.enforcer.image | string | `"wso2/apk-enforcer:1.1.0-beta"` | Image | +| wso2.apk.dp.gatewayRuntime.deployment.enforcer.image | string | `"wso2/apk-enforcer:1.1.0-rc2"` | Image | | wso2.apk.dp.gatewayRuntime.deployment.enforcer.security.sslHostname | string | `"enforcer"` | hostname for the enforcer | | wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.secretName | string | `""` | TLS secret name for enforcer public certificate. | | wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | @@ -311,7 +311,7 @@ A Helm chart for APK components | idp.idpds.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | idp.idpds.deployment.replicas | int | `1` | Number of replicas | | idp.idpds.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| idp.idpds.deployment.image | string | `"wso2/apk-idp-domain-service:1.1.0-beta"` | Image | +| idp.idpds.deployment.image | string | `"wso2/apk-idp-domain-service:1.1.0-rc2"` | Image | | idp.idpui.deployment.resources.requests.memory | string | `"128Mi"` | CPU request for the container | | idp.idpui.deployment.resources.requests.cpu | string | `"100m"` | Memory request for the container | | idp.idpui.deployment.resources.limits.memory | string | `"1028Mi"` | CPU limit for the container | @@ -325,7 +325,7 @@ A Helm chart for APK components | idp.idpui.deployment.strategy | string | `"RollingUpdate"` | Deployment strategy | | idp.idpui.deployment.replicas | int | `1` | Number of replicas | | idp.idpui.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | -| idp.idpui.deployment.image | string | `"wso2/apk-idp-ui:1.1.0-beta"` | Image | +| idp.idpui.deployment.image | string | `"wso2/apk-idp-ui:1.1.0-rc2"` | Image | | idp.idpui.configs.idpLoginUrl | string | `"https://idp.am.wso2.com:9095/commonauth/login"` | identity server Login URL | | idp.idpui.configs.idpAuthCallBackUrl | string | `"https://idp.am.wso2.com:9095/oauth2/auth-callback"` | identity server authCallBackUrl | | gatewaySystem.enabled | bool | `true` | Enable gateway system to install gateway system components | diff --git a/helm-charts/samples/apim-apk-agent/cp/values.yaml b/helm-charts/samples/apim-apk-agent/cp/values.yaml index e74cbb9eb..f5286a23f 100644 --- a/helm-charts/samples/apim-apk-agent/cp/values.yaml +++ b/helm-charts/samples/apim-apk-agent/cp/values.yaml @@ -17,11 +17,17 @@ replicaCount: 1 image: repository: wso2/apim-apk-agent - tag: 1.1.0-rc + tag: 1.1.0-rc2 pullPolicy: Always service: name: apim-apk-agent-service -resources: {} +resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "256Mi" + cpu: "200m" controlPlane: enabled: true serviceURL: https://apim-wso2am-cp-1-service.apk.svc.cluster.local:9443/ @@ -39,4 +45,9 @@ metrics: agent: mode: DPtoCP certmanager: - enabled: true \ No newline at end of file + enabled: false +serviceAccount: + enableServiceAccountCreation: true + enableClusterRoleCreation: true + serviceAccountName: wso2agent-platform + roleName: wso2agent-role diff --git a/helm-charts/samples/apim-apk-agent/values.yaml b/helm-charts/samples/apim-apk-agent/values.yaml index afd8f0f4e..0d95cca34 100644 --- a/helm-charts/samples/apim-apk-agent/values.yaml +++ b/helm-charts/samples/apim-apk-agent/values.yaml @@ -17,11 +17,17 @@ replicaCount: 1 image: repository: wso2/apim-apk-agent - tag: 1.1.0-rc + tag: 1.1.0-rc2 pullPolicy: Always service: name: apim-apk-agent-service -resources: {} +resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "256Mi" + cpu: "200m" controlPlane: enabled: true serviceURL: https://apim-wso2am-cp-1-service.apk.svc.cluster.local:9443/ @@ -40,4 +46,9 @@ metrics: agent: mode: CPtoDP certmanager: - enabled: true + enabled: false +serviceAccount: + enableServiceAccountCreation: true + enableClusterRoleCreation: true + serviceAccountName: wso2agent-platform + roleName: wso2agent-role diff --git a/helm-charts/samples/apim/all-in-one/arm-values.yaml b/helm-charts/samples/apim/all-in-one/arm-values.yaml deleted file mode 100644 index 7bf39652c..000000000 --- a/helm-charts/samples/apim/all-in-one/arm-values.yaml +++ /dev/null @@ -1,625 +0,0 @@ -# ------------------------------------------------------------------------------------- -# -# Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). All Rights Reserved. -# -# This software is the property of WSO2 LLC. and its suppliers, if any. -# Dissemination of any information or reproduction of any material contained -# herein is strictly forbidden, unless permitted by WSO2 in accordance with the -# WSO2 Commercial License available at https://wso2.com/licenses/eula/3.2 -# -# -------------------------------------------------------------------------------------- - -aws: - # -- If AWS is used as the cloud provider - enabled: false - efs: - # -- EFS capacity - capacity: "" - # -- EFS directory permissions - directoryPerms: "0777" - # -- EFS file system ID for mounting the persistent volume - fileSystemId: "" - # -- EFS Access Points for static provisioning - accessPoints: - carbonDb: "" - solr: "" - # -- AWS region - region: "" - secretsManager: - # -- AWS Secrets Manager secret provider class name - secretProviderClass: "wso2am-am-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in secrets manager - internalKeystorePassword: - # -- AWS Secrets Manager secret name - secretName: "" - # -- AWS Secrets Manager secret key - secretKey: "" - # Name of Kubernetes service account - serviceAccountName: "" - -azure: - # -- If Azure is used as the cloud provider - enabled: false - keyVault: - # -- Azure Key vault used for credential management - name: "" - # -- Azure Key vault secret provider class name - secretProviderClass: "wso2am-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in keyvault - internalKeystorePassword: "" - # -- Internal keystore key password identifier in keyvault - internalKeystoreKeyPassword: "" - activeDirectory: - # -- Service Principal created for transacting with the target Azure Key Vault - # For advanced details refer to official documentation (https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/service-principal-mode.md) - servicePrincipal: - # -- Application ID of the service principal used in secret-store-csi - appId: "" - # -- Client secret name of the service principal used in secret-store-csi - clientSecretName: "" - # -- Credentials secret name of the service principal used as nodePublisherRef - credentialsSecretName: "" - # -- Azure Active Directory tenant ID of the target Key Vault - tenantId: "" - resourceManager: - # -- Subscription ID of the target Azure Key Vault - subscriptionId: "" - # -- Name of the Azure Resource Group to which the target Azure Key Vault belongs - resourceGroup: "" - serviceAccount: "wso2am-all-in-one-svc-account" - persistence: - # Needed for persisting indexing related data - # -- Persistent volume capacity - capacity: "" - # -- Persistent volume storage class - storageClass: "" - # -- Azure file secret name - secretName: "" - # -- Azure fileshare name - fileShare: "" - -# Google Cloud Platform (GCP) integration status -gcp: - # -- If GCP is used as the cloud provider - enabled: true - # -- File Store configuration parameters - fs: - # -- Storage capacity of the file system (in GB or other appropriate units) - capacity: "" - # -- FileStore configuration for specific services - fileshares: - # -- FileShare configs for CarbonDB persistent storage - carbonDB: - # -- FileStore of the CarbonDB persistent storage - fileStoreName: "" - # -- FileShare of the CarbonDB persistent storage - fileShareName: "" - # -- IP of the CarbonDB persistent storage - ip: "" - # -- FileShare configs for Solr persistent storage - solr: - # -- FileStore of the Solr persistent storage - fileStoreName: "" - # -- FileShare of the Solr persistent storage - fileShareName: "" - # -- IP of the Solr persistent storage - ip: "" - # -- Tier of the FileStore - tier: "" - # -- Network of the FileStore - network: "" - - # -- Region of the FileStore - location: "" - - # -- Secrets Manager configuration parameters - secretsManager: - # -- Project ID - projectId: "" - # -- Secret provider class - secretProviderClass: "" - secret: - # -- Name of the secret - secretName: "" - # -- Version of the secret - secretVersion: "" - # -- Service Account with access to read secrets - serviceAccountName: "" - -kubernetes: - # -- Ingress class to be used for the ingress resource - ingressClass: "nginx" - ingress: - # -- Kubernetes secret created for Ingress TLS - tlsSecret: "" - ratelimit: - # -- Ingress rate limit - enabled: false - # -- Ingress ratelimit zone name - zoneName: "" - # -- Ingress ratelimit burst limit - burstLimit: "" - management: - enabled: true - # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal - hostname: "am.wso2.com" - # Annotations for the API Manager Publisher-DevPortal services Ingress - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - gateway: - enabled: true - # -- Ingress hostname for Gateway pass-through - hostname: "gw.wso2.com" - # -- Ingress annotations for Gateway pass-through - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/proxy-buffering: "on" - nginx.ingress.kubernetes.io/proxy-buffer-size: "8k" - websocket: - enabled: true - # -- Ingress hostname for Websocket - hostname: "websocket.wso2.com" - # -- Ingress annotations for Websocket - annotations: - #todo: add websocket specific annotations - websub: - enabled: true - # -- Ingress hostname for Websub - hostname: "websub.wso2.com" - # -- Ingress annotations for Websub - annotations: - securityContext: - # -- User ID of the container - runAsUser: 802 - runAsGroup: 802 - - -wso2: - # -- WSO2 Choreo Analytics Parameters - # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). - choreoAnalytics: - enabled: false - # -- Choreo Analytics cloud service endpoint - endpoint: "" - # -- On-premise key for Choreo Analytics - onpremKey: "" - - # -- ELK Analytics Parameters - ELKAnalytics: - enabled: false - - # TOML configurations - apim: - # -- APIM version - version: "4.3.0" - # -- Secure vauld enabled - secureVaultEnabled: false - # Logging related configurations - log4j2: - # -- Console loggers that can be enabled. Allowed values are AUDIT_LOG_CONSOLE, HTTP_ACCESS_CONSOLE, TRANSACTION_CONSOLE, CORRELATION_CONSOLE - loggers: "" - # -- Appenders - appenders: "" - # -- Startup arguments for APIM - startupArgs: "" - # TOML configurations - configurations: - gatewayType: "Regular,APK" - userStore: - # -- User store type. - # https://apim.docs.wso2.com/en/latest/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store/ - type: "database_unique_id" - # -- User store properties - properties: - # key: value - # -- Super admin username - adminUsername: "admin" - # -- Super admin password - adminPassword: "admin" - databases: - # -- Database type. eg: mysql, oracle, mssql, postgres - type: "h2" - jdbc: - # -- JDBC driver class name - driver: "org.h2.Driver" - # -- APIM APIMDB configurations. This is required for gateway only in a multi-tenancy scenario - apim_db: - # -- APIM APIMDB URL - url: "jdbc:h2:./repository/database/WSO2AM_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM APIMDB username - username: "wso2carbon" - # -- APIM APIMDB password - password: "wso2carbon" - # -- APIM database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - shared_db: - # -- APIM SharedDB URL - url: "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM SharedDB username - username: "wso2carbon" - # -- APIM SharedDB password - password: "wso2carbon" - # -- APIM database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - - security: - # -- Kubernetes secret containing the keystores and truststore - jksSecretName: "" - keystores: - primary: - # -- Primary keystore enabled - enabled: false - # -- Primary keystore name - name: "wso2carbon.jks" - # -- Primary keystore alias - alias: "wso2carbon" - # -- Primary keystore password - password: "wso2carbon" - # -- Primary keystore key password - keyPassword: "wso2carbon" - tls: - # -- TLS keystore enabled - enabled: true - # -- TLS keystore name - name: "wso2carbon.jks" - # -- TLS keystore alias - alias: "wso2carbon" - # -- TLS keystore password - password: "wso2carbon" - # -- TLS keystore key password - keyPassword: "wso2carbon" - internal: - # -- Internal keystore enabled - enabled: false - # -- Internal keystore name - name: "wso2carbon.jks" - # -- Internal keystore alias - alias: "wso2carbon" - # -- Internal keystore password - password: "wso2carbon" - # -- Internal keystore key password - keyPassword: "wso2carbon" - truststore: - # -- Truststore name - name: "client-truststore.jks" - # -- Truststore password - password: "wso2carbon" - - gateway: - # -- APIM Gateway environments - environments: - - name: "Default" - type: "hybrid" - gatewayType: "APK" - provider: "wso2" - displayInApiConsole: true - description: "This is a hybrid gateway that handles both production and sandbox token traffic." - showAsTokenEndpointUrl: true - serviceName: "wso2am-gateway-service" - servicePort: 9443 - wsHostname: "websocket.wso2.com" - httpHostname: "default.gw.wso2.com:9095" - websubHostname: "websub.wso2.com" - - name: "Default_synapse" - type: "hybrid" - gatewayType: "Regular" - provider: "wso2" - displayInApiConsole: true - description: "This is a hybrid gateway that handles both production and sandbox token traffic." - showAsTokenEndpointUrl: true - serviceName: "wso2am-gateway-service" - servicePort: 9443 - wsHostname: "websocket.wso2.com" - httpHostname: "gw.wso2.com" - websubHostname: "websub.wso2.com" - - syncRuntimeArtifacts: - gateway: - # -- Gateway label used to filter out artifact retrieval - labels: ["Default"] - - iskm: - # If Identity Server is used as the Resident KM - enabled: false - # Kubernetes service name exposing Identity Server - serviceName: "" - # Revoke URL of Identity Server - revokeURL: "" - - jwt: - # Enable backend JWT generation in gateway - enabled: false - # JWT encoding algorithm. Can be either base64 or base64url - encoding: "base64" - # JWT header name. - header: "X-JWT-Assertion" - # JWT claim dialect - claimDialect: "http://wso2.org/claims" - # JWT signature algorithm. SHA256withRSA - signingAlgorithm: "SHA256withRSA" - # JWT generation implementation. - generatorImpl: "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - # Enable end user claim mapping - enableUserClaims: "false" - # JWT claims extractor implementation. eg: org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever - claimsExtractorImpl: "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever" - - # APIM cache related configurations - cache: - gateway_token: - # -- Gateway token cache enabled - enabled: true - # -- Gateway token cache expiration time - expiryTime: "15m" - resource: - # -- Gateway resource cache enabled - enabled: true - # -- Gateway resource cache expiration time - expiryTime: "900s" - km_token: - # -- Gateway KM token cache enabled - enabled: true - # -- Gateway KM token cache expiration time - expiryTime: "15m" - recent_apis: - # -- Gateway recent APIs cache enabled - enabled: false - scopes: - enabled: false - publisher_roles: - enabled: false - jwt_claim: - # -- Gateway JWT claim cache enabled - enabled: true - # -- Gateway JWT claim cache expiration time - expiryTime: "15m" - tags: - # -- Gateway tags cache enabled - enabled: true - expiryTime: "2m" - - # APIM OAuth configurations - oauth_config: - # -- Remove auth header from outgoing requests - removeOutboundAuthHeader: true - # -- OAuth authorization header name - authHeader: "Authorization" - # -- OAuth revoke endpoint - revokeEndpoint: "" - # -- Enable token encryption - enableTokenEncryption: false - # -- Enable token hashing - enableTokenHashing: false - oauth2JWKSUrl: "https://apim-wso2am-cp-1-service:9443/oauth2/jwks" - - # APIM Devportal configurations - devportal: - enableApplicationSharing: - applicationSharingType: - applicationSharingImpl: - # -- Whether to display multiple versions of same API or only showing the latest version of an API - displayMultipleVersions: - # -- Whether to display deprecated APIs - displayDeprecatedApis: - # -- Whether to display comments for API - enableComments: - # -- Whether to display ratings for API - enableRatings: - # -- Whether to display forum for API - enableForum: - # -- Whether anonymous mode is enabled - enableAnonymousMode: - enableCrossTenantSubscriptions: - defaultReservedUsername: - # -- Whether to create default application - create_default_application: - loginUsernameCaseInsensitive: - enableKeyProvisioning: - - publisher: - # -- Supported document types in Publisher. - # This should be used only if there are additional document types to be supported. - supportedDocumentTypes: "" - enablePortalConfigurationOnlyMode: false - internalKeyIssuer: "http://am.wso2.com:443/token" - - # APIM CORS configurations - cors: - # -- CORS configuration enabled - enabled: true - # -- CORS Access-Control-Allow-Origin - allowOrigins: ["*"] - # -- CORS Access-Control-Allow-Methods - allowMethods: ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - # -- CORS Access-Control-Allow-Headers - allowHeaders: ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] - # -- CORS Access-Control-Allow-Credentials - allowCredentials: false - # -- Enable CORS for Websockets - enableForWS: false - - throttling: - enableDataPublishing: true - enablePolicyDeploy: true - enableBlacklistCondition: true - enablePersistence: true - throttleDecisionEndpoints: [] - enableUnlimitedTier: true - enableHeaderBasedThrottling: false - enableJwtClaimBasedThrottling: false - enableQueryParamBasedThrottling: false - blacklistCondition: - startDelay: - period: - jms: - startDelay: - eventSync: - hostname: - port: - eventManagement: - hostname: - port: - - workflow: - enable: false - serviceUrl: "" - callbackEndpoint: "" - tokenEndpoint: "" - clientRegistrationEndpoint: "" - - transport: - receiver: - type: "" - workerThreads: 10 - sessionTimeout: "" - keystore: - fileName: "$ref{keystore.tls.file_name}" - password: "$ref{keystore.tls.password}" - tcpPort: 9611 - sslPort: 9711 - sslReceiverThreadPoolSize: 100 - tcpReceiverThreadPoolSize: 100 - sslEnabledProtocols: - - "TLSv1" - - "TLSv1.1" - - "TLSv1.2" - ciphers: - - "SSL_RSA_WITH_RC4_128_MD5" - - "SSL_RSA_WITH_RC4_128_SHA" - - token: - revocation: - NotifierImpl: "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - EnableRealtimeNotifier: true - RealtimeNotifierTtl: 5000 - EnablePersistentNotifier: true - PersistentNotifierHostname: "https://localhost:2379/v2/keys/jti/" - PersistentNotifierTtl: 5000 - PersistentNotifierUsername: "root" - PersistentNotifierPassword: "root" - - notification: - fromAddress: - username: - password: - signature: - hostname: - port: 25 - enableStartTls: false - enableAuthentication: false - - eventHandlers: - - name: "userPostSelfRegistration" - subscriptions: - - "POST_ADD_USER" - - serviceProvider: - spNameRegex: "^[\\sa-zA-Z0-9._-]*$" - - eventListeners: - - id: "token_revocation" - type: "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name: "org.wso2.is.notification.ApimOauthEventInterceptor" - order: 1 - properties: - notificationEndpoint: "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - - deployment: - # Container image configurations - image: - # -- Registry containing the image - registry: "docker.io" - # -- Repository name consisting the image - repository: "wso2/wso2am" - # -- Docker image digest - digest: "sha256:c4b27b228685725cccffaa855ab0e06812edd621be6832825680bab38282a2d1" - # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - resources: - # These are the resource recommendations for running WSO2 API Management product profiles with profile optimization - # Resource configurations defined here are applicable for all API Manager product profiles of this deployment - requests: - # -- Memory request for API Manager - memory: "2Gi" - # -- CPU request for API Manager - cpu: "2000m" - limits: - # -- Memory limit for API Manager - memory: "3Gi" - # -- CPU limit for API Manager - cpu: "3000m" - jvm: - memory: - # -- JVM heap memory Xms - xms: "2048m" - # -- JVM heap memory Xmx - xmx: "2048m" - - # Kubernetes Probes - # Indicates whether the container starting - startupProbe: - # -- Number of seconds after the container has started before startup probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 5 - # Indicates whether the container is running - livenessProbe: - # -- Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 5 - # Indicates whether the container is ready to service requests - readinessProbe: - # -- Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 5 - lifecycle: - preStopHook: - # -- Time to wait until the apim is terminated gracefully - sleepSeconds: 10 - - # -- Minimum available pod counts for PDB - minAvailable: "50%" - - # -- Node selector to deploy pod in selected node. Add label to the node and specify the label here. - nodeSelector: - - persistence: - # -- Persistent runtime artifacts for Apache Solr-based indexing - solrIndexing: - # -- Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled - # By default, this is disabled - enabled: false - # Define capacities for persistent runtime artifact directories - capacity: - # -- For persisting the H2 based local Carbon database file - carbonDatabase: 50M - # -- For persisting the indexed solr data - solrIndexedData: 50M diff --git a/helm-charts/samples/apim/all-in-one/amd-values.yaml b/helm-charts/samples/apim/all-in-one/values.yaml similarity index 99% rename from helm-charts/samples/apim/all-in-one/amd-values.yaml rename to helm-charts/samples/apim/all-in-one/values.yaml index 67681670b..bd135fe5d 100644 --- a/helm-charts/samples/apim/all-in-one/amd-values.yaml +++ b/helm-charts/samples/apim/all-in-one/values.yaml @@ -551,7 +551,7 @@ wso2: # -- Repository name consisting the image repository: "wso2/wso2am" # -- Docker image digest - digest: "sha256:9f02cdc61b7d8f91751dd8cfccbd608800dd50ecb68dcbd751a76c1bdb8e84ce" + digest: "sha256:7d6ec26a396dc81b9bf06e7d03cc41d1c46e3199a0db6e19dde68673fbe53c3a" # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always diff --git a/helm-charts/samples/apim/cp/amd-values.yaml b/helm-charts/samples/apim/cp/amd-values.yaml deleted file mode 100644 index ddcc6cc60..000000000 --- a/helm-charts/samples/apim/cp/amd-values.yaml +++ /dev/null @@ -1,465 +0,0 @@ -# ------------------------------------------------------------------------------------- -# -# Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). All Rights Reserved. -# -# This software is the property of WSO2 LLC. and its suppliers, if any. -# Dissemination of any information or reproduction of any material contained -# herein is strictly forbidden, unless permitted by WSO2 in accordance with the -# WSO2 Commercial License available at https://wso2.com/licenses/eula/3.2 -# -# -------------------------------------------------------------------------------------- - -aws: - # -- If AWS is used as the cloud provider - enabled: false - efs: - # -- EFS capacity - capacity: "" - # -- EFS directory permissions - directoryPerms: "0777" - # -- EFS file system ID for mounting the persistent volume - fileSystemId: "" - # -- EFS Access Points for static provisioning - accessPoints: - carbonDb1: "" - solr1: "" - carbonDb2: "" - solr2: "" - # -- AWS region - region: "" - secretsManager: - # -- AWS Secrets Manager secret provider class name - secretProviderClass: "wso2am-cp-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in secrets manager - internalKeystorePassword: - # -- AWS Secrets Manager secret name - secretName: "" - # -- AWS Secrets Manager secret key - secretKey: "" - serviceAccountName: "" -azure: - # -- If Azure is used as the cloud provider - enabled: false - keyVault: - # -- Azure Key vault used for credential management - name: "" - # -- Azure Key vault secret provider class name - secretProviderClass: "wso2am-cp-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in keyvault - internalKeystorePassword: "" - # -- Internal keystore key password identifier in keyvault - internalKeystoreKeyPassword: "" - activeDirectory: - # -- Service Principal created for transacting with the target Azure Key Vault - # For advanced details refer to official documentation (https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/service-principal-mode.md) - servicePrincipal: - # -- Application ID of the service principal used in secret-store-csi - appId: "" - # -- Client secret name of the service principal used in secret-store-csi - clientSecretName: "" - # -- Credentials secret name of the service principal used as nodePublisherRef - credentialsSecretName: "" - # -- Azure Active Directory tenant ID of the target Key Vault - tenantId: "" - resourceManager: - # -- Subscription ID of the target Azure Key Vault - subscriptionId: "" - # -- Name of the Azure Resource Group to which the target Azure Key Vault belongs - resourceGroup: "" - persistence: - # Needed for persisting indexing related data - # -- Persistent volume capacity - capacity: "" - # -- Persistent volume storage class - storageClass: "" - # -- Azure file secret name - secretName: "" - # -- Azure fileshare name - fileShare: "" - -# Google Cloud Platform (GCP) integration status -gcp: - # -- If GCP is used as the cloud provider - enabled: false - # -- File Store configuration parameters - fs: - # -- Storage capacity of the file system (in GB or other appropriate units) - capacity: "" - # -- FileStore configuration for specific services - fileshares: - # -- FileShare configs for CarbonDB persistent storage for instance 1 - carbonDB1: - # -- FileStore of the CarbonDB persistent storage for instance 1 - fileStoreName: "" - # -- FileShare of the CarbonDB persistent storage for instance 1 - fileShareName: "" - # -- IP of the CarbonDB persistent storage for instance 1 - ip: "" - # -- FileShare configs for Solr persistent storage for instance 1 - solr1: - # -- FileStore of the Solr persistent storage for instance 1 - fileStoreName: "" - # -- FileShare of the Solr persistent storage for instance 1 - fileShareName: "" - # -- IP of the Solr persistent storage for instance 1 - ip: "" - # -- FileShare configs for CarbonDB2 persistent storage for instance 2 - carbonDB2: - # -- FileStore of the CarbonDB persistent storage for instance 2 - fileStoreName: "" - # -- FileShare of the CarbonDB persistent storage for instance 2 - fileShareName: "" - # -- IP of the CarbonDB persistent storage for instance 2 - ip: "" - # -- FileShare configs for Solr persistent storage for instance 2 - solr2: - # -- FileStore of the Solr persistent storage for instance 2 - fileStoreName: "" - # -- FileShare of the Solr persistent storage for instance 2 - fileShareName: "" - # -- IP of the Solr persistent storage for instance 2 - ip: "" - # -- Tier of the FileStore - tier: "" - # -- Network of the FileStore - network: "" - # -- Region of the FileStore - location: "" - - # -- Secrets Manager configuration parameters - secretsManager: - # -- Project ID - projectId: "" - # -- Secret provider class - secretProviderClass: "" - secret: - # -- Name of the secret - secretName: "" - # -- Version of the secret - secretVersion: "" - # -- Service Account with access to read secrets - serviceAccountName: "" - -kubernetes: - # -- Ingress class to be used for the ingress resource - ingressClass: "nginx" - ingress: - # -- Kubernetes secret created for Ingress TLS - tlsSecret: "" - ratelimit: - # -- Ingress rate limit - enabled: false - # -- Ingress ratelimit zone name - zoneName: "" - # -- Ingress ratelimit burst limit - burstLimit: "" - controlPlane: - # -- Ingress hostname - hostname: "am.wso2.com" - # -- Ingress annotations - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - securityContext: - # -- User ID of the container - runAsUser: 802 - # -- Enable AppArmor profiles for the deployment - enableAppArmor: false - -wso2: - apim: - # -- APIM version - version: "4.3.0" - # -- Secure vauld enabled - secureVaultEnabled: false - # Logging related configurations - log4j2: - # -- Console loggers that can be enabled. Allowed values are AUDIT_LOG_CONSOLE, HTTP_ACCESS_CONSOLE, TRANSACTION_CONSOLE, CORRELATION_CONSOLE - loggers: "" - # -- Appenders - appenders: "" - # -- Startup arguments for APIM - startupArgs: "" - # -- Port Offset for APIM deployment - portOffset: 0 - # TOML configurations - configurations: - gatewayType: "Regular,APK" - userStore: - # -- User store type. - # https://apim.docs.wso2.com/en/latest/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store/ - type: "database_unique_id" - # -- User store properties - properties: - key: value - # -- Super admin username - adminUsername: "admin" - # -- Super admin password - adminPassword: "admin" - databases: - # -- Database type. eg: mysql, oracle, mssql, postgres - type: "h2" - jdbc: - # -- JDBC driver class name - driver: "org.h2.Driver" - # -- APIM AM_DB configurations. - apim_db: - # -- APIM AM_DB URL - url: "jdbc:h2:./repository/database/WSO2AM_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM AM_DB username - username: "wso2carbon" - # -- APIM AM_DB password - password: "wso2carbon" - # -- APIM database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - # -- APIM SharedDB configurations. - shared_db: - # -- APIM SharedDB URL - url: "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM SharedDB username - username: "wso2carbon" - # -- APIM SharedDB password - password: "wso2carbon" - # -- APIM shared database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - - security: - # -- Kubernetes secret containing the keystores and truststore - jksSecretName: "" - keystores: - primary: - # -- Primary keystore enabled - enabled: false - # -- Primary keystore name - name: "wso2carbon.jks" - # -- Primary keystore alias - alias: "wso2carbon" - # -- Primary keystore password - password: "wso2carbon" - # -- Primary keystore key password - keyPassword: "wso2carbon" - tls: - # -- TLS keystore enabled - enabled: true - # -- TLS keystore name - name: "wso2carbon.jks" - # -- TLS keystore alias - alias: "wso2carbon" - # -- TLS keystore password - password: "wso2carbon" - # -- TLS keystore key password - keyPassword: "wso2carbon" - internal: - # -- Internal keystore enabled - enabled: false - # -- Internal keystore name - name: "wso2carbon.jks" - # -- Internal keystore alias - alias: "wso2carbon" - # -- Internal keystore password - password: "wso2carbon" - # -- Internal keystore key password - keyPassword: "wso2carbon" - truststore: - # -- Truststore name - name: "client-truststore.jks" - # -- Truststore password - password: "wso2carbon" - - gateway: - # -- APIM Gateway environments - environments: - - name: "Default" - type: "hybrid" - provider: "wso2" - gatewayType: "APK" - displayInApiConsole: true - description: "This is a hybrid gateway that handles both production and sandbox token traffic." - showAsTokenEndpointUrl: true - serviceName: "wso2am-gateway-service" - servicePort: 9443 - wsHostname: "websocket.wso2.com" - httpHostname: "default.gw.wso2.com:9095" - websubHostname: "websub.wso2.com" - - name: "Default_synapse" - type: "hybrid" - gatewayType: "Regular" - provider: "wso2" - displayInApiConsole: true - description: "This is a hybrid gateway that handles both production and sandbox token traffic." - showAsTokenEndpointUrl: true - serviceName: "wso2am-gateway-service" - servicePort: 9443 - wsHostname: "websocket.wso2.com" - httpHostname: "gw.wso2.com" - websubHostname: "websub.wso2.com" - - iskm: - # -- If Identity Server is used as the Resident KM - enabled: false - # -- Kubernetes service name exposing Identity Server - serviceName: "" - # -- Kubernetes service port exposing Identity Serve - servicePort: 9443 - - publisher: - # -- Supported document types in Publisher. - # This should be used only if there are additional document types to be supported. - supportedDocumentTypes: "" - enablePortalConfigurationOnlyMode: false - internalKeyIssuer: "http://am.wso2.com:443/token" - - devportal: - enableApplicationSharing: - applicationSharingType: - applicationSharingImpl: - displayMutipleVersions: - displayDeprecatedAPIs: - enableComments: - enableRatings: - enableForum: - enableAnonymousMode: - enableCrossTenantSubscriptions: - defaultReservedUsername: - loginUsernameCaseInsensitive: - enableKeyProvisioning: - - # APIM OAuth configurations - oauth_config: - # -- Enable token encryption - enableTokenEncryption: false - # -- Enable token hashing - enableTokenHashing: false - # -- List of allow-listed scopes - allowedScopes: ["^device_.*,openid"] - oauth2JWKSUrl: "https://apim-wso2am-cp-1-service:9443/oauth2/jwks" - - # APIM Open Tracing configurations - # https://apim.docs.wso2.com/en/latest/observe/api-manager/traces/monitoring-with-opentracing/ - openTracer: - # -- Open Tracing enabled - enabled: false - # -- Remote tracer name. e.g. jaeger, zipkin - name: "" - properties: - # -- Remote tracer hostname - hostname: "" - # -- Remote tracer port - port: "" - # APIM Open Telemetry configurations - openTelemetry: - # -- Open Telemetry enabled - enabled: false - # -- Remote tracer name. e.g. jaeger, zipkin, OTLP - name: "" - # -- Remote tracer hostname - hostname: "" - # -- Remote tracer port - port: "" - - deployment: - # Container image configurations - image: - # -- Container registry hostname - registry: "docker.io" - # -- Azure ACR repository name consisting the image - repository: "wso2/wso2am" - # -- Docker image digest - digest: "sha256:9f02cdc61b7d8f91751dd8cfccbd608800dd50ecb68dcbd751a76c1bdb8e84ce" - # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - resources: - # These are the resource recommendations for running WSO2 API Management product profiles with profile optimization - # Resource configurations defined here are applicable for all API Manager product profiles of this deployment - requests: - # -- Memory request for API Manager - memory: "2Gi" - # -- CPU request for API Manager - cpu: "2000m" - limits: - # -- Memory limit for API Manager - memory: "3Gi" - # -- CPU limit for API Manager - cpu: "3000m" - jvm: - memory: - # -- JVM heap memory Xms - xms: "2048m" - # -- JVM heap memory Xmx - xmx: "2048m" - - # Kubernetes Probes - # Indicates whether the container starting - startupProbe: - # -- Number of seconds after the container has started before startup probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - # Indicates whether the container is running - livenessProbe: - # -- Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - # Indicates whether the container is ready to service requests - readinessProbe: - # -- Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - - lifecycle: - preStopHook: - # -- Number of seconds to sleep before sending SIGTERM to the pod - sleepSeconds: 10 - - # Number of deployment replicas - replicas: 1 - # -- Minimum available pod counts for PDB - minAvailable: "50%" - - # -- Node selector to deploy pod in selected node. Add label to the node and specify the label here. - nodeSelector: - - # -- Enable high availability for traffic manager. If this is enabled, two traffic manager instances will be deployed. - # This is not relavant to HA in Kubernetes. Multiple replicas of the same instance will not count as HA for TM. - highAvailability: false - - persistence: - # -- Persistent runtime artifacts for Apache Solr-based indexing - solrIndexing: - # -- Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled - # By default, this is disabled - enabled: false - # Define capacities for persistent runtime artifact directories - capacity: - # -- For persisting the H2 based local Carbon database file - carbonDatabase: 50M - # -- For persisting the indexed solr data - solrIndexedData: 50M \ No newline at end of file diff --git a/helm-charts/samples/apim/cp/apk-cp/amd-values.yaml b/helm-charts/samples/apim/cp/apk-cp/amd-values.yaml deleted file mode 100644 index 76cad3d26..000000000 --- a/helm-charts/samples/apim/cp/apk-cp/amd-values.yaml +++ /dev/null @@ -1,453 +0,0 @@ -# ------------------------------------------------------------------------------------- -# -# Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). All Rights Reserved. -# -# This software is the property of WSO2 LLC. and its suppliers, if any. -# Dissemination of any information or reproduction of any material contained -# herein is strictly forbidden, unless permitted by WSO2 in accordance with the -# WSO2 Commercial License available at https://wso2.com/licenses/eula/3.2 -# -# -------------------------------------------------------------------------------------- - -aws: - # -- If AWS is used as the cloud provider - enabled: false - efs: - # -- EFS capacity - capacity: "" - # -- EFS directory permissions - directoryPerms: "0777" - # -- EFS file system ID for mounting the persistent volume - fileSystemId: "" - # -- EFS Access Points for static provisioning - accessPoints: - carbonDb1: "" - solr1: "" - carbonDb2: "" - solr2: "" - # -- AWS region - region: "" - secretsManager: - # -- AWS Secrets Manager secret provider class name - secretProviderClass: "wso2am-cp-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in secrets manager - internalKeystorePassword: - # -- AWS Secrets Manager secret name - secretName: "" - # -- AWS Secrets Manager secret key - secretKey: "" - serviceAccountName: "" -azure: - # -- If Azure is used as the cloud provider - enabled: false - keyVault: - # -- Azure Key vault used for credential management - name: "" - # -- Azure Key vault secret provider class name - secretProviderClass: "wso2am-cp-secret-provider-class" - secretIdentifiers: - # -- Internal keystore password identifier in keyvault - internalKeystorePassword: "" - # -- Internal keystore key password identifier in keyvault - internalKeystoreKeyPassword: "" - activeDirectory: - # -- Service Principal created for transacting with the target Azure Key Vault - # For advanced details refer to official documentation (https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/service-principal-mode.md) - servicePrincipal: - # -- Application ID of the service principal used in secret-store-csi - appId: "" - # -- Client secret name of the service principal used in secret-store-csi - clientSecretName: "" - # -- Credentials secret name of the service principal used as nodePublisherRef - credentialsSecretName: "" - # -- Azure Active Directory tenant ID of the target Key Vault - tenantId: "" - resourceManager: - # -- Subscription ID of the target Azure Key Vault - subscriptionId: "" - # -- Name of the Azure Resource Group to which the target Azure Key Vault belongs - resourceGroup: "" - persistence: - # Needed for persisting indexing related data - # -- Persistent volume capacity - capacity: "" - # -- Persistent volume storage class - storageClass: "" - # -- Azure file secret name - secretName: "" - # -- Azure fileshare name - fileShare: "" - -# Google Cloud Platform (GCP) integration status -gcp: - # -- If GCP is used as the cloud provider - enabled: false - # -- File Store configuration parameters - fs: - # -- Storage capacity of the file system (in GB or other appropriate units) - capacity: "" - # -- FileStore configuration for specific services - fileshares: - # -- FileShare configs for CarbonDB persistent storage for instance 1 - carbonDB1: - # -- FileStore of the CarbonDB persistent storage for instance 1 - fileStoreName: "" - # -- FileShare of the CarbonDB persistent storage for instance 1 - fileShareName: "" - # -- IP of the CarbonDB persistent storage for instance 1 - ip: "" - # -- FileShare configs for Solr persistent storage for instance 1 - solr1: - # -- FileStore of the Solr persistent storage for instance 1 - fileStoreName: "" - # -- FileShare of the Solr persistent storage for instance 1 - fileShareName: "" - # -- IP of the Solr persistent storage for instance 1 - ip: "" - # -- FileShare configs for CarbonDB2 persistent storage for instance 2 - carbonDB2: - # -- FileStore of the CarbonDB persistent storage for instance 2 - fileStoreName: "" - # -- FileShare of the CarbonDB persistent storage for instance 2 - fileShareName: "" - # -- IP of the CarbonDB persistent storage for instance 2 - ip: "" - # -- FileShare configs for Solr persistent storage for instance 2 - solr2: - # -- FileStore of the Solr persistent storage for instance 2 - fileStoreName: "" - # -- FileShare of the Solr persistent storage for instance 2 - fileShareName: "" - # -- IP of the Solr persistent storage for instance 2 - ip: "" - # -- Tier of the FileStore - tier: "" - # -- Network of the FileStore - network: "" - # -- Region of the FileStore - location: "" - - # -- Secrets Manager configuration parameters - secretsManager: - # -- Project ID - projectId: "" - # -- Secret provider class - secretProviderClass: "" - secret: - # -- Name of the secret - secretName: "" - # -- Version of the secret - secretVersion: "" - # -- Service Account with access to read secrets - serviceAccountName: "" - -kubernetes: - # -- Ingress class to be used for the ingress resource - ingressClass: "nginx" - ingress: - # -- Kubernetes secret created for Ingress TLS - tlsSecret: "" - ratelimit: - # -- Ingress rate limit - enabled: false - # -- Ingress ratelimit zone name - zoneName: "" - # -- Ingress ratelimit burst limit - burstLimit: "" - controlPlane: - # -- Ingress hostname - hostname: "am.wso2.com" - # -- Ingress annotations - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - securityContext: - # -- User ID of the container - runAsUser: 802 - # -- Enable AppArmor profiles for the deployment - enableAppArmor: false - -wso2: - apim: - # -- APIM version - version: "4.3.0" - # -- Secure vauld enabled - secureVaultEnabled: false - # Logging related configurations - log4j2: - # -- Console loggers that can be enabled. Allowed values are AUDIT_LOG_CONSOLE, HTTP_ACCESS_CONSOLE, TRANSACTION_CONSOLE, CORRELATION_CONSOLE - loggers: "" - # -- Appenders - appenders: "" - # -- Startup arguments for APIM - startupArgs: "" - # -- Port Offset for APIM deployment - portOffset: 0 - # TOML configurations - configurations: - gatewayType: "APK" - userStore: - # -- User store type. - # https://apim.docs.wso2.com/en/latest/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store/ - type: "database_unique_id" - # -- User store properties - properties: - key: value - # -- Super admin username - adminUsername: "admin" - # -- Super admin password - adminPassword: "admin" - databases: - # -- Database type. eg: mysql, oracle, mssql, postgres - type: "h2" - jdbc: - # -- JDBC driver class name - driver: "org.h2.Driver" - # -- APIM AM_DB configurations. - apim_db: - # -- APIM AM_DB URL - url: "jdbc:h2:./repository/database/WSO2AM_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM AM_DB username - username: "wso2carbon" - # -- APIM AM_DB password - password: "wso2carbon" - # -- APIM database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - # -- APIM SharedDB configurations. - shared_db: - # -- APIM SharedDB URL - url: "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE" - # -- APIM SharedDB username - username: "wso2carbon" - # -- APIM SharedDB password - password: "wso2carbon" - # -- APIM shared database JDBC pool parameters - poolParameters: - defaultAutoCommit: false - testOnBorrow: true - testWhileIdle: true - validationInterval: 30000 - maxActive: 100 - maxWait: 60000 - minIdle: 5 - - security: - # -- Kubernetes secret containing the keystores and truststore - jksSecretName: "" - keystores: - primary: - # -- Primary keystore enabled - enabled: false - # -- Primary keystore name - name: "wso2carbon.jks" - # -- Primary keystore alias - alias: "wso2carbon" - # -- Primary keystore password - password: "wso2carbon" - # -- Primary keystore key password - keyPassword: "wso2carbon" - tls: - # -- TLS keystore enabled - enabled: true - # -- TLS keystore name - name: "wso2carbon.jks" - # -- TLS keystore alias - alias: "wso2carbon" - # -- TLS keystore password - password: "wso2carbon" - # -- TLS keystore key password - keyPassword: "wso2carbon" - internal: - # -- Internal keystore enabled - enabled: false - # -- Internal keystore name - name: "wso2carbon.jks" - # -- Internal keystore alias - alias: "wso2carbon" - # -- Internal keystore password - password: "wso2carbon" - # -- Internal keystore key password - keyPassword: "wso2carbon" - truststore: - # -- Truststore name - name: "client-truststore.jks" - # -- Truststore password - password: "wso2carbon" - - gateway: - # -- APIM Gateway environments - environments: - - name: "Default" - type: "hybrid" - provider: "wso2" - gatewayType: "APK" - displayInApiConsole: true - description: "This is a hybrid gateway that handles both production and sandbox token traffic." - showAsTokenEndpointUrl: true - serviceName: "wso2am-gateway-service" - servicePort: 9443 - wsHostname: "websocket.wso2.com" - httpHostname: "carbon.super.gw.wso2.com:9095" - websubHostname: "websub.wso2.com" - - iskm: - # -- If Identity Server is used as the Resident KM - enabled: false - # -- Kubernetes service name exposing Identity Server - serviceName: "" - # -- Kubernetes service port exposing Identity Serve - servicePort: 9443 - - publisher: - # -- Supported document types in Publisher. - # This should be used only if there are additional document types to be supported. - supportedDocumentTypes: "" - enablePortalConfigurationOnlyMode: true - internalKeyIssuer: "http://am.wso2.com:443/token" - - devportal: - enableApplicationSharing: - applicationSharingType: - applicationSharingImpl: - displayMutipleVersions: - displayDeprecatedAPIs: - enableComments: - enableRatings: - enableForum: - enableAnonymousMode: - enableCrossTenantSubscriptions: - defaultReservedUsername: - loginUsernameCaseInsensitive: - enableKeyProvisioning: - - # APIM OAuth configurations - oauth_config: - # -- Enable token encryption - enableTokenEncryption: false - # -- Enable token hashing - enableTokenHashing: false - # -- List of allow-listed scopes - allowedScopes: ["^device_.*,openid"] - oauth2JWKSUrl: "https://apim-wso2am-cp-1-service:9443/oauth2/jwks" - - # APIM Open Tracing configurations - # https://apim.docs.wso2.com/en/latest/observe/api-manager/traces/monitoring-with-opentracing/ - openTracer: - # -- Open Tracing enabled - enabled: false - # -- Remote tracer name. e.g. jaeger, zipkin - name: "" - properties: - # -- Remote tracer hostname - hostname: "" - # -- Remote tracer port - port: "" - # APIM Open Telemetry configurations - openTelemetry: - # -- Open Telemetry enabled - enabled: false - # -- Remote tracer name. e.g. jaeger, zipkin, OTLP - name: "" - # -- Remote tracer hostname - hostname: "" - # -- Remote tracer port - port: "" - - deployment: - # Container image configurations - image: - # -- Container registry hostname - registry: "docker.io" - # -- Azure ACR repository name consisting the image - repository: "wso2/wso2am" - # -- Docker image digest - digest: "sha256:9f02cdc61b7d8f91751dd8cfccbd608800dd50ecb68dcbd751a76c1bdb8e84ce" - # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - resources: - # These are the resource recommendations for running WSO2 API Management product profiles with profile optimization - # Resource configurations defined here are applicable for all API Manager product profiles of this deployment - requests: - # -- Memory request for API Manager - memory: "2Gi" - # -- CPU request for API Manager - cpu: "2000m" - limits: - # -- Memory limit for API Manager - memory: "3Gi" - # -- CPU limit for API Manager - cpu: "3000m" - jvm: - memory: - # -- JVM heap memory Xms - xms: "2048m" - # -- JVM heap memory Xmx - xmx: "2048m" - - # Kubernetes Probes - # Indicates whether the container starting - startupProbe: - # -- Number of seconds after the container has started before startup probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - # Indicates whether the container is running - livenessProbe: - # -- Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - # Indicates whether the container is ready to service requests - readinessProbe: - # -- Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # -- How often (in seconds) to perform the probe - periodSeconds: 10 - # -- Minimum consecutive successes for the probe to be considered successful after having failed - failureThreshold: 3 - - lifecycle: - preStopHook: - # -- Number of seconds to sleep before sending SIGTERM to the pod - sleepSeconds: 10 - - # Number of deployment replicas - replicas: 1 - # -- Minimum available pod counts for PDB - minAvailable: "50%" - - # -- Node selector to deploy pod in selected node. Add label to the node and specify the label here. - nodeSelector: - - # -- Enable high availability for traffic manager. If this is enabled, two traffic manager instances will be deployed. - # This is not relavant to HA in Kubernetes. Multiple replicas of the same instance will not count as HA for TM. - highAvailability: false - - persistence: - # -- Persistent runtime artifacts for Apache Solr-based indexing - solrIndexing: - # -- Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled - # By default, this is disabled - enabled: false - # Define capacities for persistent runtime artifact directories - capacity: - # -- For persisting the H2 based local Carbon database file - carbonDatabase: 50M - # -- For persisting the indexed solr data - solrIndexedData: 50M diff --git a/helm-charts/samples/apim/cp/apk-cp/arm-values.yaml b/helm-charts/samples/apim/cp/apk-cp/values.yaml similarity index 99% rename from helm-charts/samples/apim/cp/apk-cp/arm-values.yaml rename to helm-charts/samples/apim/cp/apk-cp/values.yaml index e6b598d51..4080075cd 100644 --- a/helm-charts/samples/apim/cp/apk-cp/arm-values.yaml +++ b/helm-charts/samples/apim/cp/apk-cp/values.yaml @@ -372,7 +372,7 @@ wso2: # -- Azure ACR repository name consisting the image repository: "wso2/wso2am" # -- Docker image digest - digest: "sha256:c4b27b228685725cccffaa855ab0e06812edd621be6832825680bab38282a2d1" + digest: "sha256:7d6ec26a396dc81b9bf06e7d03cc41d1c46e3199a0db6e19dde68673fbe53c3a" # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always diff --git a/helm-charts/samples/apim/cp/arm-values.yaml b/helm-charts/samples/apim/cp/values.yaml similarity index 99% rename from helm-charts/samples/apim/cp/arm-values.yaml rename to helm-charts/samples/apim/cp/values.yaml index 69ac09f33..65f59e84d 100644 --- a/helm-charts/samples/apim/cp/arm-values.yaml +++ b/helm-charts/samples/apim/cp/values.yaml @@ -384,7 +384,7 @@ wso2: # -- Azure ACR repository name consisting the image repository: "wso2/wso2am" # -- Docker image digest - digest: "sha256:c4b27b228685725cccffaa855ab0e06812edd621be6832825680bab38282a2d1" + digest: "sha256:7d6ec26a396dc81b9bf06e7d03cc41d1c46e3199a0db6e19dde68673fbe53c3a" # -- Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always diff --git a/helm-charts/samples/apk/cp-enabled-values.yaml b/helm-charts/samples/apk/cp-enabled-values.yaml index 7fa3368a6..8398dab04 100644 --- a/helm-charts/samples/apk/cp-enabled-values.yaml +++ b/helm-charts/samples/apk/cp-enabled-values.yaml @@ -56,6 +56,7 @@ wso2: gateway: listener: hostname: "gw.wso2.com" + service: {} # secretName: "idp-tls" # partitionServer: # enabled: false @@ -90,7 +91,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-config-deployer-service:1.1.0-rc + image: wso2/apk-config-deployer-service:1.1.0-rc2 # configs: # tls: # secretName: "my-secret" @@ -116,7 +117,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-adapter:1.1.0-rc + image: wso2/apk-adapter:1.1.0-rc2 security: sslHostname: "adapter" # logging: @@ -149,7 +150,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-common-controller:1.1.0-rc + image: wso2/apk-common-controller:1.1.0-rc2 security: sslHostname: "commoncontroller" # configs: @@ -176,7 +177,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-ratelimiter:1.1.0-rc + image: wso2/apk-ratelimiter:1.1.0-rc2 security: sslHostname: "ratelimiter" # configs: @@ -206,7 +207,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-router:1.1.0-rc + image: wso2/apk-router:1.1.0-rc2 # configs: # tls: # secretName: "router-cert" @@ -237,7 +238,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-enforcer:1.1.0-rc + image: wso2/apk-enforcer:1.1.0-rc2 security: sslHostname: "enforcer" # logging: @@ -309,7 +310,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-domain-service:1.1.0-rc + image: wso2/apk-idp-domain-service:1.1.0-rc2 idpui: deployment: resources: @@ -330,7 +331,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-ui:1.1.0-rc + image: wso2/apk-idp-ui:1.1.0-rc2 configs: idpLoginUrl: "https://idp.am.wso2.com:9095/commonauth/login" idpAuthCallBackUrl: "https://idp.am.wso2.com:9095/oauth2/auth-callback" @@ -341,6 +342,9 @@ gatewaySystem: enableClusterRoleCreation: true serviceAccountName: gateway-api-admission applyGatewayWehbhookJobs: true + deployment: + image: registry.k8s.io/gateway-api/admission-server:v1.0.0 + imagePullPolicy: Always certmanager: enabled: true diff --git a/helm-charts/samples/apk/values.yaml b/helm-charts/samples/apk/values.yaml index cb25161e7..6ab1a23ba 100644 --- a/helm-charts/samples/apk/values.yaml +++ b/helm-charts/samples/apk/values.yaml @@ -57,6 +57,7 @@ wso2: gateway: listener: hostname: "gw.wso2.com" + service: {} # secretName: "idp-tls" # partitionServer: # enabled: false @@ -91,7 +92,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-config-deployer-service:1.1.0-rc + image: wso2/apk-config-deployer-service:1.1.0-rc2 # configs: # tls: # secretName: "my-secret" @@ -117,7 +118,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-adapter:1.1.0-rc + image: wso2/apk-adapter:1.1.0-rc2 security: sslHostname: "adapter" # logging: @@ -150,7 +151,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-common-controller:1.1.0-rc + image: wso2/apk-common-controller:1.1.0-rc2 security: sslHostname: "commoncontroller" # configs: @@ -177,7 +178,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-ratelimiter:1.1.0-rc + image: wso2/apk-ratelimiter:1.1.0-rc2 security: sslHostname: "ratelimiter" # configs: @@ -207,7 +208,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-router:1.1.0-rc + image: wso2/apk-router:1.1.0-rc2 # configs: # tls: # secretName: "router-cert" @@ -238,7 +239,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-enforcer:1.1.0-rc + image: wso2/apk-enforcer:1.1.0-rc2 security: sslHostname: "enforcer" # logging: @@ -312,7 +313,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-domain-service:1.1.0-rc + image: wso2/apk-idp-domain-service:1.1.0-rc2 idpui: deployment: resources: @@ -333,7 +334,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-ui:1.1.0-rc + image: wso2/apk-idp-ui:1.1.0-rc2 configs: idpLoginUrl: "https://idp.am.wso2.com:9095/commonauth/login" idpAuthCallBackUrl: "https://idp.am.wso2.com:9095/oauth2/auth-callback" @@ -344,6 +345,9 @@ gatewaySystem: enableClusterRoleCreation: true serviceAccountName: gateway-api-admission applyGatewayWehbhookJobs: true + deployment: + image: registry.k8s.io/gateway-api/admission-server:v1.0.0 + imagePullPolicy: Always certmanager: enabled: true diff --git a/helm-charts/values.yaml b/helm-charts/values.yaml index dba5ceb00..d89522f29 100644 --- a/helm-charts/values.yaml +++ b/helm-charts/values.yaml @@ -94,7 +94,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-config-deployer-service:1.1.0-rc + image: wso2/apk-config-deployer-service:1.1.0-rc2 # debug: true # configs: # tls: @@ -121,7 +121,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-adapter:1.1.0-rc + image: wso2/apk-adapter:1.1.0-rc2 security: sslHostname: "adapter" # logging: @@ -154,7 +154,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-common-controller:1.1.0-rc + image: wso2/apk-common-controller:1.1.0-rc2 security: sslHostname: "commoncontroller" # configs: @@ -181,7 +181,7 @@ wso2: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-ratelimiter:1.1.0-rc + image: wso2/apk-ratelimiter:1.1.0-rc2 security: sslHostname: "ratelimiter" # configs: @@ -211,7 +211,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-router:1.1.0-rc + image: wso2/apk-router:1.1.0-rc2 # configs: # tls: # secretName: "router-cert" @@ -242,7 +242,7 @@ wso2: failureThreshold: 5 strategy: RollingUpdate imagePullPolicy: Always - image: wso2/apk-enforcer:1.1.0-rc + image: wso2/apk-enforcer:1.1.0-rc2 security: sslHostname: "enforcer" # logging: @@ -314,7 +314,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-domain-service:1.1.0-rc + image: wso2/apk-idp-domain-service:1.1.0-rc2 idpui: deployment: resources: @@ -335,7 +335,7 @@ idp: strategy: RollingUpdate replicas: 1 imagePullPolicy: Always - image: wso2/apk-idp-ui:1.1.0-rc + image: wso2/apk-idp-ui:1.1.0-rc2 configs: idpLoginUrl: "https://idp.am.wso2.com:9095/commonauth/login" idpAuthCallBackUrl: "https://idp.am.wso2.com:9095/oauth2/auth-callback" diff --git a/helm-charts/values.yaml.template b/helm-charts/values.yaml.template index c04bb21f0..210acc717 100644 --- a/helm-charts/values.yaml.template +++ b/helm-charts/values.yaml.template @@ -200,7 +200,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-config-deployer-service:1.1.0-beta + image: wso2/apk-config-deployer-service:1.1.0-rc2 configs: # -- Enable authorization for runtime api. authorization: true @@ -255,7 +255,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-adapter:1.1.0-beta + image: wso2/apk-adapter:1.1.0-rc2 security: # -- Enable security for adapter. sslHostname: "adapter" @@ -326,7 +326,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-common-controller:1.1.0-beta + image: wso2/apk-common-controller:1.1.0-rc2 security: # -- hostname for the common controller sslHostname: "commoncontroller" @@ -424,7 +424,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-ratelimiter:1.1.0-beta + image: wso2/apk-ratelimiter:1.1.0-rc2 security: # -- hostname for the rate limiter sslHostname: "ratelimiter" @@ -502,7 +502,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-router:1.1.0-beta + image: wso2/apk-router:1.1.0-rc2 configs: # -- The timeout for response coming from enforcer to route per API request enforcerResponseTimeoutInSeconds: 20 @@ -571,7 +571,7 @@ wso2: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-enforcer:1.1.0-beta + image: wso2/apk-enforcer:1.1.0-rc2 security: # -- hostname for the enforcer sslHostname: "enforcer" @@ -789,7 +789,7 @@ idp: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-idp-domain-service:1.1.0-beta + image: wso2/apk-idp-domain-service:1.1.0-rc2 idpui: deployment: resources: @@ -824,7 +824,7 @@ idp: # -- Image pull policy imagePullPolicy: Always # -- Image - image: wso2/apk-idp-ui:1.1.0-beta + image: wso2/apk-idp-ui:1.1.0-rc2 configs: # -- identity server Login URL idpLoginUrl: "https://idp.am.wso2.com:9095/commonauth/login"