From f33230836137a5cb65da64b2b3e73ca4117a2727 Mon Sep 17 00:00:00 2001 From: sgayangi Date: Thu, 15 Feb 2024 16:30:06 +0530 Subject: [PATCH] Fix helm templating issues --- helm-charts/README.md | 10 ++-- .../config-deployer-domain-api-backend.yaml | 6 +-- .../config-deployer/config-ds-deployment.yaml | 12 ++--- .../config-generator-domain-api-backend.yaml | 6 +-- .../adapter/adapter-deployment.yaml | 16 +++---- .../common-controller-deployment.yaml | 28 +++++------ .../gateway-components/common-log-conf.yaml | 4 +- .../gateway-runtime-deployment.yaml | 24 +++++----- .../gateway-components/log-conf.yaml | 4 +- .../ratelimiter/ratelimiter-deployment.yaml | 48 +++++++++---------- .../idp/idp-ds/idp-ds-configmap.yaml | 12 ++--- helm-charts/values.yaml | 45 +++++++++-------- helm-charts/values.yaml.template | 2 +- 13 files changed, 108 insertions(+), 109 deletions(-) diff --git a/helm-charts/README.md b/helm-charts/README.md index 48782f80e2..232eb1ce95 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -79,7 +79,7 @@ A Helm chart for APK components | wso2.apk.dp.configdeployer.deployment.replicas | int | `1` | Number of replicas | | wso2.apk.dp.configdeployer.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | | wso2.apk.dp.configdeployer.deployment.image | string | `"wso2/apk-config-deployer-service:1.1.0-m2"` | Image | -| wso2.apk.dp.configdeployer.deployment.configs.authrorization | bool | `true` | Enable authorization for runtime api. | +| wso2.apk.dp.configdeployer.deployment.configs.authorization | bool | `true` | Enable authorization for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.baseUrl | string | `"https://api.am.wso2.com:9095/api/runtime"` | Baseurl for runtime api. | | wso2.apk.dp.configdeployer.deployment.configs.tls.secretName | string | `""` | TLS secret name for runtime public certificate. | | wso2.apk.dp.configdeployer.deployment.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | @@ -100,10 +100,10 @@ A Helm chart for APK components | wso2.apk.dp.adapter.deployment.imagePullPolicy | string | `"Always"` | Image pull policy | | wso2.apk.dp.adapter.deployment.image | string | `"wso2/apk-adapter:1.1.0-m2"` | Image | | wso2.apk.dp.adapter.deployment.security.sslHostname | string | `"adapter"` | Enable security for adapter. | -| wso2.apk.dp.adapter.configs.apiNamespaces | string | `nil` | Optionally configure namespaces to watch for apis. | -| wso2.apk.dp.adapter.configs.tls.secretName | string | `""` | TLS secret name for adapter public certificate. | -| wso2.apk.dp.adapter.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | -| wso2.apk.dp.adapter.configs.tls.certFilename | string | `""` | TLS certificate file name. | +| wso2.apk.dp.adapter.deployment.configs.apiNamespaces | string | `nil` | Optionally configure namespaces to watch for apis. | +| wso2.apk.dp.adapter.deployment.configs.tls.secretName | string | `""` | TLS secret name for adapter public certificate. | +| wso2.apk.dp.adapter.deployment.configs.tls.certKeyFilename | string | `""` | TLS certificate file name. | +| wso2.apk.dp.adapter.deployment.configs.tls.certFilename | string | `""` | TLS certificate file name. | | wso2.apk.dp.adapter.logging.level | string | `"INFO"` | Optionally configure logging for adapter. LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" | | wso2.apk.dp.adapter.logging.logFile | string | `"logs/adapter.log"` | Log file name | | wso2.apk.dp.adapter.logging.logFormat | string | `"TEXT"` | Log format can be "JSON", "TEXT" | diff --git a/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml b/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml index ff1f3f28a0..ed346c7280 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-deployer-domain-api-backend.yaml @@ -29,9 +29,9 @@ spec: allowedSANs: - {{ template "apk-helm.resource.prefix" . }}-config-ds-service.{{ .Release.Namespace }}.svc secretRef: - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - name: {{.Values.wso2.apk.dp.configdeployer.configs.tls.secretName}} - key: {{.Values.wso2.apk.dp.configdeployer.configs.tls.certFilename}} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + name: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName}} + key: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename}} {{- else }} name: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert key: tls.crt diff --git a/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml b/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml index 29d23a6df8..12c7653502 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-ds-deployment.yaml @@ -63,15 +63,15 @@ spec: subPath: Config.toml - name: config-ds-tls-volume mountPath: /home/wso2apk/config-deployer/security/config.key - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: config-ds-tls-volume mountPath: /home/wso2apk/config-deployer/security/config.pem - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -107,8 +107,8 @@ spec: name: {{ template "apk-helm.resource.prefix" . }}-config-ds-configmap - name: config-ds-tls-volume secret: - {{ if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.configdeployer.configs.tls.secretName | default (printf "%s-config-ds-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{ if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName | default (printf "%s-config-ds-server-cert" (include "apk-helm.resource.prefix" .)) }} {{ else }} secretName: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert {{ end }} diff --git a/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml b/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml index 768f982f13..cfa9781f7e 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-generator-domain-api-backend.yaml @@ -29,9 +29,9 @@ spec: allowedSANs: - {{ template "apk-helm.resource.prefix" . }}-config-ds-service.{{ .Release.Namespace }}.svc secretRef: - {{- if and .Values.wso2.apk.dp.configdeployer.configs .Values.wso2.apk.dp.configdeployer.configs.tls }} - name: {{.Values.wso2.apk.dp.configdeployer.configs.tls.secretName}} - key: {{.Values.wso2.apk.dp.configdeployer.configs.tls.certFilename}} + {{- if and .Values.wso2.apk.dp.configdeployer.deployment.configs .Values.wso2.apk.dp.configdeployer.deployment.configs.tls }} + name: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.secretName}} + key: {{.Values.wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename}} {{- else }} name: {{ template "apk-helm.resource.prefix" . }}-config-ds-server-cert key: tls.crt diff --git a/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml index 1f28bf973b..f9eba251bf 100644 --- a/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/adapter/adapter-deployment.yaml @@ -61,22 +61,22 @@ spec: volumeMounts: - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/keystore/adapter.key - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/keystore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: adapter-keystore-secret-volume mountPath: /home/wso2/security/truststore/adapter-ca.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -134,8 +134,8 @@ spec: volumes: - name: adapter-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.adapter.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-adapter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml index 5a2647ca0a..8e90fb4485 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml @@ -63,22 +63,22 @@ spec: volumeMounts: - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/keystore/commoncontroller.key - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/keystore/commoncontroller.crt - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: common-controller-keystore-secret-volume mountPath: /home/wso2/security/truststore/adapter-ca.crt - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -87,15 +87,15 @@ spec: # mountPath: /home/wso2/security/truststore/enforcer.crt - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ca-ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -136,8 +136,8 @@ spec: volumes: - name: common-controller-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.commonController.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-common-controller-server-cert {{- end }} @@ -156,8 +156,8 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml index 98563eb4ba..4bd5e9ea62 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml @@ -12,9 +12,9 @@ data: {{- end }} [commoncontroller.server] label = "ratelimiter" - {{ if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.apiNamespaces }} + {{ if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.apiNamespaces }} [commoncontroller.operator] - namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.commonController.configs.apiNamespaces}}] + namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.commonController.deployment.configs.apiNamespaces}}] {{ end}} [commoncontroller.keystore] certPath = "/home/wso2/security/keystore/commoncontroller.crt" diff --git a/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml b/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml index 33bf221d92..306eaec316 100644 --- a/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml +++ b/helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml @@ -176,8 +176,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -303,8 +303,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.crt - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -320,15 +320,15 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-truststore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter-ca.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} @@ -368,8 +368,8 @@ spec: {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }} - name: ratelimiter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certificatesSecret | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certificatesSecret | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} @@ -401,8 +401,8 @@ spec: {{- end }} - name: adapter-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.adapter.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.adapter.deployment.configs.tls.secretName | default (printf "%s-adapter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-adapter-server-cert {{- end }} diff --git a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml index eacbe2d7f8..e30cde5899 100644 --- a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml @@ -10,9 +10,9 @@ data: {{- if and .Values.wso2.apk.dp.environment .Values.wso2.apk.dp.environment.name }} environment = "{{ .Values.wso2.apk.dp.environment.name }}" {{- end }} - {{ if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.apiNamespaces }} + {{ if and .Values.wso2.apk.dp.adapter.deployment.configs .Values.wso2.apk.dp.adapter.deployment.configs.apiNamespaces }} [adapter.operator] - namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.adapter.configs.apiNamespaces}}] + namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.adapter.deployment.configs.apiNamespaces}}] {{ end}} {{ if and .Values.wso2.apk.dp.gatewayRuntime.deployment .Values.wso2.apk.dp.gatewayRuntime.deployment.router .Values.wso2.apk.dp.gatewayRuntime.deployment.router.configs }} diff --git a/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml b/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml index e705cbe1c7..c765c56e81 100644 --- a/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml +++ b/helm-charts/templates/data-plane/ratelimiter/ratelimiter-deployment.yaml @@ -58,16 +58,16 @@ spec: - name: LIMIT_RESPONSE_HEADERS_ENABLED value: "false" - name: REDIS_TYPE - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.type }} - value: {{ .Values.wso2.apk.dp.redis.type }} + {{ if and .Values.redis .Values.redis.type }} + value: {{ .Values.redis.type }} {{ else }} value: "single" {{ end }} - name: REDIS_SOCKET_TYPE value: "tcp" - name: REDIS_URL - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.url }} - value: {{ .Values.wso2.apk.dp.redis.url }} + {{ if and .Values.redis .Values.redis.url }} + value: {{ .Values.redis.url }} {{ else }} value: "redis-master:6379" {{ end }} @@ -75,26 +75,26 @@ spec: value: "0.2ms" - name: REDIS_PIPELINE_LIMIT value: "0" - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.tls }} + {{ if and .Values.redis .Values.redis.tls }} - name: REDIS_TLS - value: true + value: "true" - name: REDIS_PERSECOND_TLS - value: true + value: "true" - name: REDIS_TLS_CLIENT_CERT value: "/home/wso2/security/truststore/redis.crt" - name: REDIS_TLS_CLIENT_KEY value: "/home/wso2/security/keystore/redis.key" {{ end }} - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.auth }} + {{ if and .Values.redis .Values.redis.auth .Values.redis.auth.enabled}} - name: REDIS_AUTH valueFrom: secretKeyRef: - name: {{ .Values.wso2.apk.dp.redis.auth.certificatesSecret }} - key: {{ .Values.wso2.apk.dp.redis.auth.secretKey }} + name: {{ .Values.redis.auth.certificatesSecret }} + key: {{ .Values.redis.auth.secretKey }} {{end}} - {{ if and .Values.wso2.apk.dp.redis .Values.wso2.apk.dp.redis.poolSize }} + {{ if and .Values.redis .Values.redis.poolSize }} - name: REDIS_POOL_SIZE - value: {{ .Values.wso2.apk.dp.redis.poolSize }} + value: {{ .Values.redis.poolSize }} {{ end }} - name: GRPC_HOST value: "0.0.0.0" @@ -144,29 +144,29 @@ spec: volumeMounts: - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/keystore/ratelimiter.key - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certKeyFilename | default "tls.key" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certKeyFilename | default "tls.key" }} {{- else }} subPath: tls.key {{- end }} - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/keystore/ratelimiter.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} - name: ratelimiter-keystore-secret-volume mountPath: /home/wso2/security/truststore/ratelimiter-ca.crt - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.certCAFilename | default "ca.crt" }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename | default "ca.crt" }} {{- else }} subPath: ca.crt {{- end }} - name: common-controller-truststore-secret-volume mountPath: /home/wso2/security/truststore/adapter.pem - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - subPath: {{ .Values.wso2.apk.dp.commonController.configs.tls.certFilename | default "tls.crt" }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + subPath: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.certFilename | default "tls.crt" }} {{- else }} subPath: tls.crt {{- end }} @@ -218,16 +218,16 @@ spec: volumes: - name: ratelimiter-keystore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.ratelimiter.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.ratelimiter.deployment.configs .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName | default (printf "%s-ratelimiter-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert {{- end }} defaultMode: 420 - name: common-controller-truststore-secret-volume secret: - {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }} - secretName: {{ .Values.wso2.apk.dp.commonController.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} + {{- if and .Values.wso2.apk.dp.commonController.deployment.configs .Values.wso2.apk.dp.commonController.deployment.configs.tls }} + secretName: {{ .Values.wso2.apk.dp.commonController.deployment.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }} {{- else }} secretName: {{ template "apk-helm.resource.prefix" . }}-common-controller-server-cert {{- end }} diff --git a/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml b/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml index 2abf4dcf82..8a8bdbf280 100644 --- a/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml +++ b/helm-charts/templates/idp/idp-ds/idp-ds-configmap.yaml @@ -38,13 +38,13 @@ data: testQuery = "{{ .Values.idp.database.validationQuery }}" driver = "{{ .Values.idp.database.driver }}" [wso2.idp_domain_service.idpConfiguration] - hostname = "{{ .Values.idp.idpds.config.hostname }}" - loginPageURl = "{{ .Values.idp.idpds.config.loginPageURl }}" - loginErrorPageUrl = "{{ .Values.idp.idpds.config.loginErrorPageUrl }}" - loginCallBackURl = "{{ .Values.idp.idpds.config.loginCallBackURl }}" + hostname = "{{ .Values.idp.idpds.configs.hostname }}" + loginPageURl = "{{ .Values.idp.idpds.configs.loginPageURl }}" + loginErrorPageUrl = "{{ .Values.idp.idpds.configs.loginErrorPageUrl }}" + loginCallBackURl = "{{ .Values.idp.idpds.configs.loginCallBackURl }}" [wso2.idp_domain_service.idpConfiguration.tokenIssuerConfiguration] - issuer = "{{ .Values.idp.idpds.config.issuer }}" - keyId="{{ .Values.idp.idpds.config.keyId }}" + issuer = "{{ .Values.idp.idpds.configs.issuer }}" + keyId="{{ .Values.idp.idpds.configs.keyId }}" [[wso2.idp_domain_service.idpConfiguration.fileBaseApp]] clientId = "45f1c5c8-a92e-11ed-afa1-0242ac120002" clientSecret = "4fbd62ec-a92e-11ed-afa1-0242ac120002" diff --git a/helm-charts/values.yaml b/helm-charts/values.yaml index f1bba48a82..62daf47ee1 100644 --- a/helm-charts/values.yaml +++ b/helm-charts/values.yaml @@ -17,11 +17,11 @@ wso2: subscription: imagePullSecrets: "" - + apk: webhooks: - validatingwebhookconfigurations : true - mutatingwebhookconfigurations : true + validatingwebhookconfigurations: true + mutatingwebhookconfigurations: true auth: enabled: true enableServiceAccountCreation: true @@ -114,9 +114,9 @@ wso2: image: wso2/apk-adapter:1.1.0-m2 security: sslHostname: "adapter" -# logging: -# level: "INFO" # LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" -# logFormat: "TEXT" # Values can be "JSON", "TEXT" + # logging: + # level: "INFO" # LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" + # # logFormat: "TEXT" # Values can be "JSON", "TEXT" # configs: # apiNamespaces: # - "apk-v12" @@ -207,13 +207,13 @@ wso2: # secretName: "router-cert" # certKeyFilename: "" # certFilename: "" -# logging: -# wireLogs: -# enable: true -# accessLogs: -# enable: true -# env: -# TRAILING_ARGS: "--log-level trace" + # logging: + # wireLogs: + # enable: true + # accessLogs: + # enable: true + # env: + # TRAILING_ARGS: "--log-level trace" enforcer: resources: requests: @@ -235,13 +235,13 @@ wso2: image: wso2/apk-enforcer:1.1.0-m2 security: sslHostname: "enforcer" -# logging: -# level: DEBUG - # configs: - # tls: - # secretName: "router-cert" - # certKeyFilename: "" - # certFilename: "" + # logging: + # level: DEBUG + # configs: + # tls: + # secretName: "router-cert" + # certKeyFilename: "" + # certFilename: "" idp: enabled: true listener: @@ -259,7 +259,7 @@ idp: validationQuery: "SELECT 1" validationTimeout: 250 idpds: - config: + configs: issuer: "https://idp.am.wso2.com/token" keyId: "gateway_certificate_alias" hostname: "idp.am.wso2.com" @@ -317,13 +317,12 @@ gatewaySystem: enableClusterRoleCreation: true serviceAccountName: gateway-api-admission - certmanager: enabled: true enableClusterIssuer: true enableRootCa: true rootCaSecretName: "apk-root-certificate" - + postgresql: enabled: true fullnameOverride: "wso2apk-db-service" diff --git a/helm-charts/values.yaml.template b/helm-charts/values.yaml.template index 0a80f6ee3c..2154e9b078 100644 --- a/helm-charts/values.yaml.template +++ b/helm-charts/values.yaml.template @@ -169,7 +169,7 @@ wso2: image: wso2/apk-config-deployer-service:1.0.0 configs: # -- Enable authorization for runtime api. - authrorization: true + authorization: true # -- Baseurl for runtime api. baseUrl: "https://api.am.wso2.com:9095/api/runtime" tls: