From 92f566979196649ea8f5b8b42bc28da58dbb05ba Mon Sep 17 00:00:00 2001 From: Prafulrakhade <99539100+Prafulrakhade@users.noreply.github.com> Date: Tue, 24 Mar 2026 04:32:42 +0000 Subject: [PATCH] Updated chart versions, image and tag for release changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- deploy/key-migration-utility/install.sh | 2 +- deploy/keymanager/install.sh | 2 +- deploy/softhsm/install.sh | 2 +- helm/key-migration-utility/Chart.yaml | 2 +- helm/key-migration-utility/values.yaml | 42 +-------------------- helm/keygen/Chart.yaml | 2 +- helm/keygen/values.yaml | 42 +-------------------- helm/keymanager/Chart.yaml | 2 +- helm/keymanager/values.yaml | 50 +------------------------ helm/softhsm/Chart.yaml | 2 +- helm/softhsm/values.yaml | 41 +++++--------------- 11 files changed, 23 insertions(+), 166 deletions(-) diff --git a/deploy/key-migration-utility/install.sh b/deploy/key-migration-utility/install.sh index 3a38764be..25d6a7e78 100755 --- a/deploy/key-migration-utility/install.sh +++ b/deploy/key-migration-utility/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=key-migration-utility -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.4.0 echo Creating $NS namespace kubectl create ns $NS diff --git a/deploy/keymanager/install.sh b/deploy/keymanager/install.sh index 6321b5848..6941cf412 100755 --- a/deploy/keymanager/install.sh +++ b/deploy/keymanager/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=keymanager -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.4.0 echo Creating $NS namespace kubectl create ns $NS diff --git a/deploy/softhsm/install.sh b/deploy/softhsm/install.sh index fb3c078d2..c0a054f6a 100755 --- a/deploy/softhsm/install.sh +++ b/deploy/softhsm/install.sh @@ -8,7 +8,7 @@ if [ $# -ge 1 ] ; then fi NS=softhsm -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.4.0 echo Create $NS namespaces kubectl create ns $NS diff --git a/helm/key-migration-utility/Chart.yaml b/helm/key-migration-utility/Chart.yaml index d877f6208..89da824bc 100644 --- a/helm/key-migration-utility/Chart.yaml +++ b/helm/key-migration-utility/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: key-migration-utility description: A Helm chart to migrate keys from any keystore type to any other supported format. type: application -version: 0.0.1-develop +version: 1.4.0 appVersion: "" dependencies: - name: common diff --git a/helm/key-migration-utility/values.yaml b/helm/key-migration-utility/values.yaml index 0177eb7d8..7afa29e1c 100644 --- a/helm/key-migration-utility/values.yaml +++ b/helm/key-migration-utility/values.yaml @@ -12,27 +12,22 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - image: registry: docker.io - repository: mosipqa/keys-migrator - tag: develop + repository: mosipid/keys-migrator + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -44,7 +39,6 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## # existingConfigmap: @@ -52,12 +46,10 @@ image: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -71,37 +63,31 @@ resources: requests: {} # cpu: 200m # memory: 10Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -123,32 +109,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -157,19 +137,15 @@ podAnnotations: {} ## lifecycleHooks for the container to automate configuration before or after startup. ## lifecycleHooks: {} - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## "backoff" strategy - It is used when dealing with resources that are retrying or recovering from failures. ## backoffLimit: 0 - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -177,16 +153,13 @@ backoffLimit: 0 ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: ## - name: FOO ## value: "bar" ## - extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## ## IMPORTANT: softhsm name needs to be set if not default as mentioned below. This applies if softhsm name @@ -195,19 +168,15 @@ extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -219,7 +188,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -231,7 +199,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -253,7 +220,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -287,12 +253,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -301,12 +265,10 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - # migration springConfigNameEnv: # default or migration activeProfileEnv: - ## This param is to be set during installation. ## For Kernel: softhsm-kernel-share ## For IDA: softhsm-ida-share diff --git a/helm/keygen/Chart.yaml b/helm/keygen/Chart.yaml index aacd06af5..dbe7bce27 100644 --- a/helm/keygen/Chart.yaml +++ b/helm/keygen/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: keygen description: A Helm chart to generate keys type: application -version: 0.0.1-develop +version: 1.4.0 appVersion: "" dependencies: - name: common diff --git a/helm/keygen/values.yaml b/helm/keygen/values.yaml index cd12f3384..90326daca 100644 --- a/helm/keygen/values.yaml +++ b/helm/keygen/values.yaml @@ -12,27 +12,22 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - image: registry: docker.io - repository: mosipqa/keys-generator - tag: develop + repository: mosipid/keys-generator + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -44,7 +39,6 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## # existingConfigmap: @@ -52,12 +46,10 @@ image: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -71,37 +63,31 @@ resources: requests: {} # cpu: 200m # memory: 10Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -123,32 +109,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -157,19 +137,15 @@ podAnnotations: {} ## lifecycleHooks for the container to automate configuration before or after startup. ## lifecycleHooks: {} - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## "backoff" strategy - It is used when dealing with resources that are retrying or recovering from failures. ## backoffLimit: 0 - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -177,16 +153,13 @@ backoffLimit: 0 ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: ## - name: FOO ## value: "bar" ## - extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## ## IMPORTANT: softhsm name needs to be set if not default as mentioned below. This applies if softhsm name @@ -195,19 +168,15 @@ extraEnvVarsCM: - global - config-server-share - artifactory-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -219,7 +188,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -231,7 +199,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -256,7 +223,6 @@ persistence: volume_name: config # pvc_claim_name: pkcs12-keys.p12 pvc_claim_name: - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -290,12 +256,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -304,10 +268,8 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - # kernel or id-authentication springConfigNameEnv: - ## This param is to be set during installation. ## For Kernel: softhsm-kernel-share ## For IDA: softhsm-ida-share diff --git a/helm/keymanager/Chart.yaml b/helm/keymanager/Chart.yaml index e6cc50521..b3f239e14 100644 --- a/helm/keymanager/Chart.yaml +++ b/helm/keymanager/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: keymanager description: A Helm chart for MOSIP Keymanager module type: application -version: 0.0.1-develop +version: 1.4.0 appVersion: "" dependencies: - name: common diff --git a/helm/keymanager/values.yaml b/helm/keymanager/values.yaml index b103b4005..a1b8147d4 100644 --- a/helm/keymanager/values.yaml +++ b/helm/keymanager/values.yaml @@ -12,23 +12,18 @@ ## commonLabels: app.kubernetes.io/component: mosip - ## Add annotations to all the deployed resources ## commonAnnotations: {} - ## Kubernetes Cluster Domain ## clusterDomain: cluster.local - ## Extra objects to deploy (value evaluated as a template) ## extraDeploy: [] - ## Number of nodes ## replicaCount: 1 - service: type: ClusterIP port: 80 @@ -49,11 +44,10 @@ service: ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - image: registry: docker.io - repository: mosipqa/kernel-keymanager-service - tag: develop + repository: mosipid/kernel-keymanager-service + tag: 1.3.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -65,10 +59,8 @@ image: ## # pullSecrets: # - myRegistryKeySecretName - ## Port on which this particular spring service module is running. springServicePort: 8088 - ## Configure extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @@ -82,7 +74,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 30 successThreshold: 1 - livenessProbe: enabled: true httpGet: @@ -93,7 +84,6 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - readinessProbe: enabled: true httpGet: @@ -104,7 +94,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## # existingConfigmap: @@ -112,12 +101,10 @@ readinessProbe: ## command: [] args: [] - ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: @@ -131,37 +118,31 @@ resources: requests: cpu: 500m memory: 3000Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms4250M -Xmx4250M" - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## Clamav container already runs as 'mosip' user, so we may not need to enable this containerSecurityContext: enabled: false runAsUser: mosip runAsNonRoot: true - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## podSecurityContext: enabled: false fsGroup: 1001 - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" - ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard @@ -183,32 +164,26 @@ nodeAffinityPreset: ## - e2e-az2 ## values: [] - ## Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - ## Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - ## Annotations for server pods. ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - ## pods' priority. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## @@ -223,18 +198,14 @@ lifecycleHooks: - sh - -c - sleep 30 - ## Termination grace perios : the maximum amount of time (in seconds) Kubernetes will wait for a container to gracefully shut down terminationGracePeriodSeconds: 60 - ## Custom Liveness probes for ## customLivenessProbe: {} - ## Custom Rediness probes ## customReadinessProbe: {} - ## Update strategy - only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will @@ -242,7 +213,6 @@ customReadinessProbe: {} ## updateStrategy: type: RollingUpdate - ## Additional environment variables to set ## Example: ## extraEnvVars: @@ -250,7 +220,6 @@ updateStrategy: ## value: "bar" ## extraEnvVars: [] - ## ConfigMap with extra environment variables that used ## extraEnvVarsCM: @@ -258,19 +227,15 @@ extraEnvVarsCM: - config-server-share - artifactory-share - softhsm-kernel-share - ## Secret with extra environment variables ## extraEnvVarsSecret: [] - ## Extra volumes to add to the deployment ## extraVolumes: [] - ## Extra volume mounts to add to the container ## extraVolumeMounts: [] - ## Add init containers to the pods. ## Example: ## initContainers: @@ -282,7 +247,6 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - ## Add sidecars to the pods. ## Example: ## sidecars: @@ -294,7 +258,6 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - persistence: enabled: false ## If defined, storageClassName: @@ -319,7 +282,6 @@ persistence: mountDir: /home/mosip/config/ volume_name: config # pvc_claim_name: pkcs12-keys.p12 - ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## @@ -353,12 +315,10 @@ volumePermissions: ## cpu: 100m ## memory: 128Mi ## - ## Specifies whether RBAC resources should be created ## rbac: create: true - ## Specifies whether a ServiceAccount should be created ## serviceAccount: @@ -367,7 +327,6 @@ serviceAccount: ## If not set and create is true, a name is generated using the fullname template ## name: - ## Prometheus Metrics ## metrics: @@ -377,9 +336,7 @@ metrics: ## podAnnotations: prometheus.io/scrape: "true" - endpointPath: /v1/keymanager/actuator/prometheus - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## @@ -406,7 +363,6 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec ## additionalLabels: {} - ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -424,12 +380,10 @@ metrics: # labels: # severity: error rules: [] - ## Only internal access istio: enabled: true gateway: istio-system/internal prefix: /v1/keymanager - springConfigNameEnv: activeProfileEnv: diff --git a/helm/softhsm/Chart.yaml b/helm/softhsm/Chart.yaml index 21a7fc396..f0eff426a 100644 --- a/helm/softhsm/Chart.yaml +++ b/helm/softhsm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: softhsm description: A Helm chart for MOSIP Softhsm module type: application -version: 0.0.1-develop +version: 1.4.0 appVersion: "" dependencies: - name: common diff --git a/helm/softhsm/values.yaml b/helm/softhsm/values.yaml index 7de01e9f8..d169fd7e9 100644 --- a/helm/softhsm/values.yaml +++ b/helm/softhsm/values.yaml @@ -4,17 +4,14 @@ ## TODO: Multiple replicas are not supported 'cause AWS EBS gp2 storage class does not support ReadWriteMany replicaCount: 1 - image: - repository: mosipqa/softhsm + repository: mosipid/softhsm pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "v2" - + tag: "1.3.0" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" - serviceAccount: # Specifies whether a service account should be created create: true @@ -23,36 +20,30 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" - commonAnnotations: {} - podAnnotations: {} - podSecurityContext: enabled: true runAsUser: 1001 runAsGroup: 2001 fsGroup: 3001 - containerSecurityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +# capabilities: +# drop: +# - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 service: type: ClusterIP port: 80 - containerPort: 5666 - ingress: enabled: false annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: [] @@ -60,7 +51,6 @@ ingress: # - secretName: chart-example-tls # hosts: # - chart-example.local - resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -72,25 +62,19 @@ resources: requests: cpu: 100m memory: 750Mi - additionalResources: ## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources ## Example: java_opts: "-Xms500M -Xmx500M" javaOpts: "-Xms750M -Xmx750M" - autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 - nodeSelector: {} - tolerations: [] - affinity: {} - persistence: enabled: true ## If defined, storageClassName: @@ -112,7 +96,6 @@ persistence: existingClaim: # Dir where config and keys are written inside container mountDir: /softhsm - ## Configure extra options for startup, liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes startupProbe: @@ -124,7 +107,6 @@ startupProbe: timeoutSeconds: 5 failureThreshold: 10 successThreshold: 1 - readinessProbe: enabled: true tcpSocket: @@ -134,7 +116,6 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - livenessProbe: enabled: true tcpSocket: @@ -144,10 +125,8 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## Numbers. If not specified a random PIN is assigned. securityPIN: "" - ## Softhhsm conf file that must be mounted inside softhsm container configuration: |- # SoftHSM v2 configuration file