Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

removes the cloudhashlookup #33

Merged
merged 1 commit into from
Apr 25, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 31 additions & 32 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -92,38 +92,37 @@ nginx.ingress.kubernetes.io/proxy-body-size: <your maximum filesize>
nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
```

| Parameter | Description | Value |
|-------------|-------------|-------|
| `global.imagePullSecrets` | List of image pull secrets | `- name: registry` |
| `global.secret.dockerconfigjson` | Docker authentication configuration | `""` |
| `gateway.ingress.enabled` | Enable/Disable the Ingress resource | `false` |
| `gateway.ingress.annotations` | Additional annotations for Ingress | `{}` |
| `gateway.ingress.hosts` | Hostnames and paths for Ingress | `[]` |
| `gateway.ingress.tls` | TLS configuration for Ingress | `[]` |
| `gateway.authentication.authority` | Authority for authentication | `""` |
| `gateway.nameOverride` | Overrides the application name | `""` |
| `gateway.fullnameOverride` | Overrides the full name | `""` |
| `gateway.networkPolicy.enabled` | Enable/Disable the default Network Policy | `false` |
| `gateway.service.type` | Type of Kubernetes service | `""` |
| `gateway.service.http.port` | HTTP port for the service | `8080` |
| `gateway.service.ws.port` | WebSocket port for the service | `9090` |
| `gateway.podDisruptionBudget.minAvailable` | Minimum available pods in case of disruption | `1` |
| `gateway.replicaCount` | Number of replicas | `1` |
| `gateway.revisionHistoryLimit` | Number of revisions in history | `1` |
| `gateway.resources.limits.memory` | Maximum memory usage | `512Mi` |
| `gateway.resources.requests.cpu` | Requested CPU performance | `0.5` |
| `gateway.resources.requests.memory` | Requested memory usage | `256Mi` |
| `gateway.containerSecurityContext.enabled` | Enable/Disable container security context | `false` |
| `gateway.cloudhashlookup.enabled` | Enable/Disable cloud hash lookup | `false` |
| `gateway.uploadUrl` | URL for the upload service | `"http://localhost:8080/upload"` |
| `gateway.podAnnotations` | Annotations for pods | `{}` |
| `gateway.nodeSelector` | Node labels for pod assignment | `{}` |
| `gateway.affinity` | Affinity settings for pods | `{}` |
| `gateway.terminationGracePeriodSeconds` | Max time in seconds for scans to complete | `30` |
| `gdscan.nodeSelector` | gdscan node labels for pod assignment | `{}` |
| `gdscan.replicaCount` | Number of replicas for the gdscan deployment | `1`` |
| `gdscan.terminationGracePeriodSeconds` | Max time in seconds for scans to complete. Set to same value as ```gateway.terminationGracePeriodSeconds``` | `30` |
| `mini-identity-provider.nodeSelector` | mini-identity-provider Node labels for pod assignment | `{}` |
| Parameter | Description | Value |
| ------------------------------------------ | ----------------------------------------------------------------------------------------------------------- | -------------------------------- |
| `global.imagePullSecrets` | List of image pull secrets | `- name: registry` |
| `global.secret.dockerconfigjson` | Docker authentication configuration | `""` |
| `gateway.ingress.enabled` | Enable/Disable the Ingress resource | `false` |
| `gateway.ingress.annotations` | Additional annotations for Ingress | `{}` |
| `gateway.ingress.hosts` | Hostnames and paths for Ingress | `[]` |
| `gateway.ingress.tls` | TLS configuration for Ingress | `[]` |
| `gateway.authentication.authority` | Authority for authentication | `""` |
| `gateway.nameOverride` | Overrides the application name | `""` |
| `gateway.fullnameOverride` | Overrides the full name | `""` |
| `gateway.networkPolicy.enabled` | Enable/Disable the default Network Policy | `false` |
| `gateway.service.type` | Type of Kubernetes service | `""` |
| `gateway.service.http.port` | HTTP port for the service | `8080` |
| `gateway.service.ws.port` | WebSocket port for the service | `9090` |
| `gateway.podDisruptionBudget.minAvailable` | Minimum available pods in case of disruption | `1` |
| `gateway.replicaCount` | Number of replicas | `1` |
| `gateway.revisionHistoryLimit` | Number of revisions in history | `1` |
| `gateway.resources.limits.memory` | Maximum memory usage | `512Mi` |
| `gateway.resources.requests.cpu` | Requested CPU performance | `0.5` |
| `gateway.resources.requests.memory` | Requested memory usage | `256Mi` |
| `gateway.containerSecurityContext.enabled` | Enable/Disable container security context | `false` |
| `gateway.uploadUrl` | URL for the upload service | `"http://localhost:8080/upload"` |
| `gateway.podAnnotations` | Annotations for pods | `{}` |
| `gateway.nodeSelector` | Node labels for pod assignment | `{}` |
| `gateway.affinity` | Affinity settings for pods | `{}` |
| `gateway.terminationGracePeriodSeconds` | Max time in seconds for scans to complete | `30` |
| `gdscan.nodeSelector` | gdscan node labels for pod assignment | `{}` |
| `gdscan.replicaCount` | Number of replicas for the gdscan deployment | `1`` |
| `gdscan.terminationGracePeriodSeconds` | Max time in seconds for scans to complete. Set to same value as ```gateway.terminationGracePeriodSeconds``` | `30` |
| `mini-identity-provider.nodeSelector` | mini-identity-provider Node labels for pod assignment | `{}` |

### Production environment

Expand Down
2 changes: 1 addition & 1 deletion charts/vaas/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
name: vaas
version: 1.2.5
version: 1.3.0
description: Deployment of a Verdict-as-a-Service on-premise instance
maintainers:
- name: G DATA CyberDefense AG
Expand Down
1 change: 0 additions & 1 deletion charts/vaas/templates/gateway/networkpolicy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,5 +24,4 @@ spec:
- port: 80 # VerdictRequestForUrl
- port: 6379 # Redis
- port: 8080 # GdScan
- port: 9090 # Cloud Gateway
{{- end }}
12 changes: 0 additions & 12 deletions charts/vaas/templates/gateway/statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -52,18 +52,6 @@ spec:
value: "http://gdscan:8080/scan/body"
- name: RedisConfiguration__Configuration
value: "redis-master"
{{- if .Values.gateway.cloudhashlookup.enabled }}
- name: VerdictAsAService__Url
value: {{ .Values.gateway.options.url | quote }}
- name: VerdictAsAService__TokenUrl
value: {{ .Values.gateway.options.tokenurl | quote }}
- name: VerdictAsAService__Credentials__GrantType
value: {{ .Values.gateway.options.credentials.granttype | quote }}
- name: VerdictAsAService__Credentials__ClientId
value: {{ .Values.gateway.options.credentials.clientid | quote }}
- name: VerdictAsAService__Credentials__ClientSecret
{{ toYaml .Values.gateway.options.credentials.clientsecret }}
{{- end }}
- name: DOTNET_ENVIRONMENT
value: {{ .Release.Name }}
- name: ASPNETCORE_ENVIRONMENT
Expand Down
3 changes: 0 additions & 3 deletions charts/vaas/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -115,9 +115,6 @@ gateway:
pullPolicy: Always
tag: 1.1.0

cloudhashlookup:
enabled: false

uploadUrl: "http://vaas/upload"

options:
Expand Down
Loading