diff --git a/.github/workflows/chart-test.yml b/.github/workflows/chart-test.yml index f84f1d32..a389c20f 100644 --- a/.github/workflows/chart-test.yml +++ b/.github/workflows/chart-test.yml @@ -121,7 +121,7 @@ jobs: run: ct lint --validate-maintainers=false --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }} - name: Run chart-testing (install) - run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing" + run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing" if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' # Upgrade the released chart version with the locally available chart @@ -132,5 +132,5 @@ jobs: helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev helm install ssi-credential-issuer tractusx-dev/ssi-credential-issuer --version ${{ github.event.inputs.upgrade_from || '1.0.0' }} --namespace upgrade --create-namespace helm dependency update charts/ssi-credential-issuer - helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade + helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/owasp-zap.yml b/.github/workflows/owasp-zap.yml index 9c8fb41f..768b9a6b 100644 --- a/.github/workflows/owasp-zap.yml +++ b/.github/workflows/owasp-zap.yml @@ -107,7 +107,7 @@ jobs: helm dependency build - name: Install the chart on KinD cluster - run: helm install testing -n apps --create-namespace --wait --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set issuer.swaggerEnabled=true charts/ssi-credential-issuer + run: helm install testing -n apps --create-namespace --wait --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set service.swaggerEnabled=true charts/ssi-credential-issuer - name: Configure port forward to app in KinD run: | diff --git a/charts/ssi-credential-issuer/README.md b/charts/ssi-credential-issuer/README.md index f8104ad1..b174c0f5 100644 --- a/charts/ssi-credential-issuer/README.md +++ b/charts/ssi-credential-issuer/README.md @@ -43,39 +43,39 @@ dependencies: | portalBackendAddress | string | `"https://portal-backend.example.org"` | Provide portal-backend base address. | | walletAddress | string | `"https://wallet.example.org"` | | | walletTokenAddress | string | `"https://wallet.example.org/oauth/token"` | | -| issuer.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-service"` | | -| issuer.image.tag | string | `""` | | -| issuer.imagePullPolicy | string | `"IfNotPresent"` | | -| issuer.resources | object | `{"limits":{"cpu":"45m","memory":"400M"},"requests":{"cpu":"15m","memory":"400M"}}` | We recommend to review the default resource limits as this should a conscious choice. | -| issuer.logging.businessLogic | string | `"Information"` | | -| issuer.logging.default | string | `"Information"` | | -| issuer.healthChecks.startup.path | string | `"/health/startup"` | | -| issuer.healthChecks.startup.tags[0].name | string | `"HEALTHCHECKS__0__TAGS__1"` | | -| issuer.healthChecks.startup.tags[0].value | string | `"issuerdb"` | | -| issuer.healthChecks.liveness.path | string | `"/healthz"` | | -| issuer.healthChecks.readyness.path | string | `"/ready"` | | -| issuer.swaggerEnabled | bool | `false` | | -| issuer.portal.scope | string | `"openid"` | | -| issuer.portal.grantType | string | `"client_credentials"` | | -| issuer.portal.clientId | string | `"portal-client-id"` | Provide portal client-id from CX IAM centralidp. | -| issuer.portal.clientSecret | string | `""` | Client-secret for portal client-id. Secret-key 'portal-client-secret'. | -| issuer.credential.issuerDid | string | `"did:web:example"` | | -| issuer.credential.issuerBpn | string | `"BPNL00000001TEST"` | | -| issuer.credential.statusListUrl | string | `"https://example.org/statuslist"` | | -| issuer.credential.encryptionConfigIndex | int | `0` | | -| issuer.credential.encryptionConfigs.index0.index | int | `0` | | -| issuer.credential.encryptionConfigs.index0.cipherMode | string | `"CBC"` | | -| issuer.credential.encryptionConfigs.index0.paddingMode | string | `"PKCS7"` | | -| issuer.credential.encryptionConfigs.index0.encryptionKey | string | `""` | EncryptionKey for wallet. Secret-key 'credential-encryption-key0'. Expected format is 256 bit (64 digits) hex. | -| issuermigrations.name | string | `"migrations"` | | -| issuermigrations.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-migrations"` | | -| issuermigrations.image.tag | string | `""` | | -| issuermigrations.imagePullPolicy | string | `"IfNotPresent"` | | -| issuermigrations.resources | object | `{"limits":{"cpu":"45m","memory":"200M"},"requests":{"cpu":"15m","memory":"200M"}}` | We recommend to review the default resource limits as this should a conscious choice. | -| issuermigrations.seeding.testDataEnvironments | string | `""` | | -| issuermigrations.seeding.testDataPaths | string | `"Seeder/Data"` | | -| issuermigrations.logging.default | string | `"Information"` | | -| issuermigrations.processIdentity.identityId | string | `"ac1cf001-7fbc-1f2f-817f-bce058020006"` | | +| service.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-service"` | | +| service.image.tag | string | `""` | | +| service.imagePullPolicy | string | `"IfNotPresent"` | | +| service.resources | object | `{"limits":{"cpu":"45m","memory":"400M"},"requests":{"cpu":"15m","memory":"400M"}}` | We recommend to review the default resource limits as this should a conscious choice. | +| service.logging.businessLogic | string | `"Information"` | | +| service.logging.default | string | `"Information"` | | +| service.healthChecks.startup.path | string | `"/health/startup"` | | +| service.healthChecks.startup.tags[0].name | string | `"HEALTHCHECKS__0__TAGS__1"` | | +| service.healthChecks.startup.tags[0].value | string | `"issuerdb"` | | +| service.healthChecks.liveness.path | string | `"/healthz"` | | +| service.healthChecks.readyness.path | string | `"/ready"` | | +| service.swaggerEnabled | bool | `false` | | +| service.portal.scope | string | `"openid"` | | +| service.portal.grantType | string | `"client_credentials"` | | +| service.portal.clientId | string | `"portal-client-id"` | Provide portal client-id from CX IAM centralidp. | +| service.portal.clientSecret | string | `""` | Client-secret for portal client-id. Secret-key 'portal-client-secret'. | +| service.credential.issuerDid | string | `"did:web:example"` | | +| service.credential.issuerBpn | string | `"BPNL00000001TEST"` | | +| service.credential.statusListUrl | string | `"https://example.org/statuslist"` | | +| service.credential.encryptionConfigIndex | int | `0` | | +| service.credential.encryptionConfigs.index0.index | int | `0` | | +| service.credential.encryptionConfigs.index0.cipherMode | string | `"CBC"` | | +| service.credential.encryptionConfigs.index0.paddingMode | string | `"PKCS7"` | | +| service.credential.encryptionConfigs.index0.encryptionKey | string | `""` | EncryptionKey for wallet. Secret-key 'credential-encryption-key0'. Expected format is 256 bit (64 digits) hex. | +| migrations.name | string | `"migrations"` | | +| migrations.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-migrations"` | | +| migrations.image.tag | string | `""` | | +| migrations.imagePullPolicy | string | `"IfNotPresent"` | | +| migrations.resources | object | `{"limits":{"cpu":"45m","memory":"200M"},"requests":{"cpu":"15m","memory":"200M"}}` | We recommend to review the default resource limits as this should a conscious choice. | +| migrations.seeding.testDataEnvironments | string | `""` | | +| migrations.seeding.testDataPaths | string | `"Seeder/Data"` | | +| migrations.logging.default | string | `"Information"` | | +| migrations.processIdentity.identityId | string | `"ac1cf001-7fbc-1f2f-817f-bce058020006"` | | | processesworker.name | string | `"processesworker"` | | | processesworker.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-processes-worker"` | | | processesworker.image.tag | string | `""` | | diff --git a/charts/ssi-credential-issuer/templates/cronjob-issuer-processes.yaml b/charts/ssi-credential-issuer/templates/cronjob-issuer-processes.yaml index 816d15ce..4cc88684 100644 --- a/charts/ssi-credential-issuer/templates/cronjob-issuer-processes.yaml +++ b/charts/ssi-credential-issuer/templates/cronjob-issuer-processes.yaml @@ -67,7 +67,7 @@ spec: value: "Server={{ .Values.externalDatabase.host }};Database={{ .Values.externalDatabase.database }};Port={{ .Values.externalDatabase.port }};User Id={{ .Values.externalDatabase.username }};Password=$(ISSUER_PASSWORD);Ssl Mode={{ .Values.dbConnection.sslMode }};" {{- end }} - name: "PORTAL__CLIENTID" - value: "{{ .Values.issuer.portal.clientId }}" + value: "{{ .Values.service.portal.clientId }}" - name: "PORTAL__CLIENTSECRET" valueFrom: secretKeyRef: @@ -86,7 +86,7 @@ spec: - name: "PORTAL__USERNAME" value: "empty" - name: "CALLBACK__CLIENTID" - value: "{{ .Values.issuer.portal.clientId }}" + value: "{{ .Values.service.portal.clientId }}" - name: "CALLBACK__CLIENTSECRET" valueFrom: secretKeyRef: diff --git a/charts/ssi-credential-issuer/templates/deployment-issuer-service.yaml b/charts/ssi-credential-issuer/templates/deployment-issuer-service.yaml index 7266260c..bb6b5c4b 100644 --- a/charts/ssi-credential-issuer/templates/deployment-issuer-service.yaml +++ b/charts/ssi-credential-issuer/templates/deployment-issuer-service.yaml @@ -45,8 +45,8 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: "{{ .Values.issuer.image.name }}:{{ .Values.issuer.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: "{{ .Values.issuer.imagePullPolicy }}" + image: "{{ .Values.service.image.name }}:{{ .Values.service.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: "{{ .Values.service.imagePullPolicy }}" env: - name: DOTNET_ENVIRONMENT value: "{{ .Values.dotnetEnvironment }}" @@ -69,14 +69,14 @@ spec: value: "Server={{ .Values.externalDatabase.host }};Database={{ .Values.externalDatabase.database }};Port={{ .Values.externalDatabase.port }};User Id={{ .Values.externalDatabase.username }};Password=$(ISSUER_PASSWORD);Ssl Mode={{ .Values.dbConnection.sslMode }};" {{- end }} - name: "HEALTHCHECKS__0__PATH" - value: "{{ .Values.issuer.healthChecks.startup.path}}" - {{- if .Values.issuer.healthChecks.startup.tags }} - {{- toYaml .Values.issuer.healthChecks.startup.tags | nindent 8 }} + value: "{{ .Values.service.healthChecks.startup.path}}" + {{- if .Values.service.healthChecks.startup.tags }} + {{- toYaml .Values.service.healthChecks.startup.tags | nindent 8 }} {{- end }} - name: "HEALTHCHECKS__1__PATH" - value: "{{ .Values.issuer.healthChecks.readyness.path}}" + value: "{{ .Values.service.healthChecks.readyness.path}}" - name: "HEALTHCHECKS__2__PATH" - value: "{{ .Values.issuer.healthChecks.liveness.path}}" + value: "{{ .Values.service.healthChecks.liveness.path}}" - name: "JWTBEAREROPTIONS__METADATAADDRESS" value: "{{ .Values.centralidp.address }}{{ .Values.centralidp.jwtBearerOptions.metadataPath }}" - name: "JWTBEAREROPTIONS__REQUIREHTTPSMETADATA" @@ -88,20 +88,20 @@ spec: - name: "JWTBEAREROPTIONS__REFRESHINTERVAL" value: "{{ .Values.centralidp.jwtBearerOptions.refreshInterval }}" - name: "SERILOG__MINIMUMLEVEL__Default" - value: "{{ .Values.issuer.logging.default }}" + value: "{{ .Values.service.logging.default }}" - name: "SERILOG__MINIMUMLEVEL__OVERRIDE__Org.Eclipse.TractusX.SsiCredentialIssuer.Service" - value: "{{ .Values.issuer.logging.businessLogic }}" + value: "{{ .Values.service.logging.businessLogic }}" - name: "SWAGGERENABLED" - value: "{{ .Values.issuer.swaggerEnabled }}" + value: "{{ .Values.service.swaggerEnabled }}" - name: "PORTAL__CLIENTID" - value: "{{ .Values.issuer.portal.clientId }}" + value: "{{ .Values.service.portal.clientId }}" - name: "PORTAL__CLIENTSECRET" valueFrom: secretKeyRef: name: "{{ template "issuer.secretName" . }}" key: "portal-client-secret" - name: "PORTAL__GRANTTYPE" - value: "{{ .Values.issuer.portal.grantType }}" + value: "{{ .Values.service.portal.grantType }}" - name: "PORTAL__TOKENADDRESS" value: "{{ .Values.centralidp.address }}{{ .Values.centralidp.tokenPath }}" - name: "PORTAL__BASEADDRESS" @@ -109,23 +109,23 @@ spec: - name: "PORTAL__PASSWORD" value: "empty" - name: "PORTAL__SCOPE" - value: "{{ .Values.issuer.portal.scope }}" + value: "{{ .Values.service.portal.scope }}" - name: "PORTAL__USERNAME" value: "empty" - name: "CREDENTIAL__ISSUERDID" - value: "{{ .Values.issuer.credential.issuerDid }}" + value: "{{ .Values.service.credential.issuerDid }}" - name: "CREDENTIAL__ISSUERBPN" - value: "{{ .Values.issuer.credential.issuerBpn }}" + value: "{{ .Values.service.credential.issuerBpn }}" - name: "CREDENTIAL__STATUSLISTURL" - value: "{{ .Values.issuer.credential.statusListUrl }}" + value: "{{ .Values.service.credential.statusListUrl }}" - name: "CREDENTIAL__ENCRYPTIONCONFIG__ENCRYPTIONCONFIGINDEX" - value: "{{ .Values.issuer.credential.encryptionConfigIndex }}" + value: "{{ .Values.service.credential.encryptionConfigIndex }}" - name: "CREDENTIAL__ENCRYPTIONCONFIGS__0__INDEX" - value: "{{ .Values.issuer.credential.encryptionConfigs.index0.index}}" + value: "{{ .Values.service.credential.encryptionConfigs.index0.index}}" - name: "CREDENTIAL__ENCRYPTIONCONFIGS__0__CIPHERMODE" - value: "{{ .Values.issuer.credential.encryptionConfigs.index0.cipherMode}}" + value: "{{ .Values.service.credential.encryptionConfigs.index0.cipherMode}}" - name: "CREDENTIAL__ENCRYPTIONCONFIGS__0__PADDINGMODE" - value: "{{ .Values.issuer.credential.encryptionConfigs.index0.paddingMode}}" + value: "{{ .Values.service.credential.encryptionConfigs.index0.paddingMode}}" - name: "CREDENTIAL__ENCRYPTIONCONFIGS__0__ENCRYPTIONKEY" valueFrom: secretKeyRef: @@ -169,7 +169,7 @@ spec: protocol: TCP startupProbe: httpGet: - path: {{ .Values.issuer.healthChecks.startup.path }} + path: {{ .Values.service.healthChecks.startup.path }} port: {{ .Values.portContainer }} scheme: HTTP initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} @@ -179,7 +179,7 @@ spec: failureThreshold: {{ .Values.startupProbe.failureThreshold }} livenessProbe: httpGet: - path: {{ .Values.issuer.healthChecks.liveness.path }} + path: {{ .Values.service.healthChecks.liveness.path }} port: {{ .Values.portContainer }} scheme: HTTP initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} @@ -189,7 +189,7 @@ spec: failureThreshold: {{ .Values.livenessProbe.failureThreshold }} readinessProbe: httpGet: - path: {{ .Values.issuer.healthChecks.readyness.path }} + path: {{ .Values.service.healthChecks.readyness.path }} port: {{ .Values.portContainer }} scheme: HTTP initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} @@ -198,7 +198,7 @@ spec: successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} resources: - {{- toYaml .Values.issuer.resources | nindent 10 }} + {{- toYaml .Values.service.resources | nindent 10 }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/ssi-credential-issuer/templates/job-issuer-migrations.yaml b/charts/ssi-credential-issuer/templates/job-issuer-migrations.yaml index 89717e57..b8a062ea 100644 --- a/charts/ssi-credential-issuer/templates/job-issuer-migrations.yaml +++ b/charts/ssi-credential-issuer/templates/job-issuer-migrations.yaml @@ -20,7 +20,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ include "issuer.fullname" . }}-{{ .Values.issuermigrations.name }} + name: {{ include "issuer.fullname" . }}-{{ .Values.migrations.name }} annotations: "batch.kubernetes.io/job-tracking": "true" "helm.sh/hook": post-install,post-upgrade @@ -28,11 +28,11 @@ metadata: spec: template: metadata: - name: {{ include "issuer.fullname" . }}-{{ .Values.issuermigrations.name }} + name: {{ include "issuer.fullname" . }}-{{ .Values.migrations.name }} spec: restartPolicy: Never containers: - - name: {{ include "issuer.fullname" . }}-{{ .Values.issuermigrations.name }} + - name: {{ include "issuer.fullname" . }}-{{ .Values.migrations.name }} securityContext: allowPrivilegeEscalation: false capabilities: @@ -40,8 +40,8 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: "{{ .Values.issuermigrations.image.name }}:{{ .Values.issuermigrations.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: "{{ .Values.issuermigrations.imagePullPolicy }}" + image: "{{ .Values.migrations.image.name }}:{{ .Values.migrations.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: "{{ .Values.migrations.imagePullPolicy }}" env: - name: DOTNET_ENVIRONMENT value: "{{ .Values.dotnetEnvironment }}" @@ -64,16 +64,16 @@ spec: value: "Server={{ .Values.externalDatabase.host }};Database={{ .Values.externalDatabase.database }};Port={{ .Values.externalDatabase.port }};User Id={{ .Values.externalDatabase.username }};Password=$(ISSUER_PASSWORD);Ssl Mode={{ .Values.dbConnection.sslMode }};" {{- end }} - name: "SEEDING__TESTDATAENVIRONMENTS__0" - value: "{{ .Values.issuermigrations.seeding.testDataEnvironments }}" + value: "{{ .Values.migrations.seeding.testDataEnvironments }}" - name: "SEEDING__DATAPATHS__0" - value: "{{ .Values.issuermigrations.seeding.testDataPaths }}" + value: "{{ .Values.migrations.seeding.testDataPaths }}" - name: "SERILOG__MINIMUMLEVEL__Default" - value: "{{ .Values.issuermigrations.logging.default }}" + value: "{{ .Values.migrations.logging.default }}" - name: "PROCESSIDENTITY__IDENTITYID" - value: "{{ .Values.issuermigrations.processIdentity.identityId }}" + value: "{{ .Values.migrations.processIdentity.identityId }}" ports: - name: http containerPort: {{ .Values.portContainer }} protocol: TCP resources: - {{- toYaml .Values.issuermigrations.resources | nindent 10 }} + {{- toYaml .Values.migrations.resources | nindent 10 }} diff --git a/charts/ssi-credential-issuer/templates/secret.yaml b/charts/ssi-credential-issuer/templates/secret.yaml index e3315e49..88558ad7 100644 --- a/charts/ssi-credential-issuer/templates/secret.yaml +++ b/charts/ssi-credential-issuer/templates/secret.yaml @@ -36,14 +36,14 @@ data: # use index function for secret keys with hyphen otherwise '$secret.data.secretKey' works too portal-client-secret: {{ coalesce ( .Values.processesworker.portal.clientSecret | b64enc ) ( index $secret.data "portal-client-secret" ) | default ( randAlphaNum 32 ) | quote }} wallet-client-secret: {{ coalesce ( .Values.processesworker.wallet.clientSecret | b64enc ) ( index $secret.data "wallet-client-secret" ) | default ( randAlphaNum 32 ) | quote }} - credential-encryption-key0: {{ coalesce ( .Values.issuer.credential.encryptionConfigs.index0.encryptionKey | b64enc ) ( index $secret.data "credential-encryption-key" ) | default ( randAlphaNum 32 ) | quote }} + credential-encryption-key0: {{ coalesce ( .Values.service.credential.encryptionConfigs.index0.encryptionKey | b64enc ) ( index $secret.data "credential-encryption-key" ) | default ( randAlphaNum 32 ) | quote }} process-wallet-encryption-key0: {{ coalesce ( .Values.processesworker.wallet.encryptionConfigs.index0.encryptionKey | b64enc ) ( index $secret.data "process-wallet-encryption-key" ) | default ( randAlphaNum 32 ) | quote }} {{ else -}} stringData: # if secret doesn't exist, use provided value from values file or generate a random one portal-client-secret: {{ .Values.processesworker.portal.clientSecret | default ( randAlphaNum 32 ) | quote }} wallet-client-secret: {{ .Values.processesworker.wallet.clientSecret | default ( randAlphaNum 32 ) | quote }} - credential-encryption-key0: {{ .Values.issuer.credential.encryptionConfigs.index0.encryptionKey | default ( randAlphaNum 32 ) | quote }} + credential-encryption-key0: {{ .Values.service.credential.encryptionConfigs.index0.encryptionKey | default ( randAlphaNum 32 ) | quote }} process-wallet-encryption-key0: {{ .Values.processesworker.wallet.encryptionConfigs.index0.encryptionKey | default ( randAlphaNum 32 ) | quote }} {{ end }} {{- end -}} diff --git a/charts/ssi-credential-issuer/values.yaml b/charts/ssi-credential-issuer/values.yaml index ab65ad48..99776e4d 100644 --- a/charts/ssi-credential-issuer/values.yaml +++ b/charts/ssi-credential-issuer/values.yaml @@ -22,7 +22,7 @@ portalBackendAddress: "https://portal-backend.example.org" walletAddress: "https://wallet.example.org" walletTokenAddress: "https://wallet.example.org/oauth/token" -issuer: +service: image: name: "docker.io/tractusx/ssi-credential-issuer-service" tag: "" @@ -70,7 +70,7 @@ issuer: # Expected format is 256 bit (64 digits) hex. encryptionKey: "" -issuermigrations: +migrations: name: "migrations" image: name: "docker.io/tractusx/ssi-credential-issuer-migrations" diff --git a/consortia/argocd-app-templates/appsetup-stable.yaml b/consortia/argocd-app-templates/appsetup-stable.yaml index a9109a32..0f902a7a 100644 --- a/consortia/argocd-app-templates/appsetup-stable.yaml +++ b/consortia/argocd-app-templates/appsetup-stable.yaml @@ -55,7 +55,7 @@ spec: backend: service: "issuer-service" port: 8080 - issuermigrations: + migrations: logging: default: "Debug" postgresql: diff --git a/consortia/environments/values-beta.yaml b/consortia/environments/values-beta.yaml index 49e47122..adc8c340 100644 --- a/consortia/environments/values-beta.yaml +++ b/consortia/environments/values-beta.yaml @@ -41,7 +41,7 @@ ingress: backend: port: 8080 -issuer: +service: swaggerEnabled: true credential: issuerDid: "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" @@ -54,7 +54,7 @@ issuer: clientId: "" clientSecret: "" -issuermigrations: +migrations: logging: default: "Debug" seeding: diff --git a/consortia/environments/values-dev.yaml b/consortia/environments/values-dev.yaml index 76741e77..3d0400f0 100644 --- a/consortia/environments/values-dev.yaml +++ b/consortia/environments/values-dev.yaml @@ -41,7 +41,7 @@ ingress: backend: port: 8080 -issuer: +service: image: tag: "dev" imagePullPolicy: "Always" @@ -57,7 +57,7 @@ issuer: clientId: "" clientSecret: "" -issuermigrations: +migrations: image: tag: "dev" imagePullPolicy: "Always" diff --git a/consortia/environments/values-int.yaml b/consortia/environments/values-int.yaml index 1f1448ad..a2e6305f 100644 --- a/consortia/environments/values-int.yaml +++ b/consortia/environments/values-int.yaml @@ -41,7 +41,7 @@ ingress: backend: port: 8080 -issuer: +service: swaggerEnabled: true credential: issuerDid: "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" @@ -54,7 +54,7 @@ issuer: clientId: "" clientSecret: "" -issuermigrations: +migrations: logging: default: "Debug" seeding: diff --git a/consortia/environments/values-pen.yaml b/consortia/environments/values-pen.yaml index 4150ac73..782a96a5 100644 --- a/consortia/environments/values-pen.yaml +++ b/consortia/environments/values-pen.yaml @@ -41,7 +41,7 @@ ingress: backend: port: 8080 -issuer: +service: swaggerEnabled: true credential: issuerDid: "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" @@ -54,7 +54,7 @@ issuer: clientId: "" clientSecret: "" -issuermigrations: +migrations: logging: default: "Debug" seeding: diff --git a/consortia/environments/values-rc.yaml b/consortia/environments/values-rc.yaml index 128fb95b..64bd5f96 100644 --- a/consortia/environments/values-rc.yaml +++ b/consortia/environments/values-rc.yaml @@ -41,7 +41,7 @@ ingress: backend: port: 8080 -issuer: +service: image: tag: "rc" imagePullPolicy: "Always" @@ -57,7 +57,7 @@ issuer: clientId: "" clientSecret: "" -issuermigrations: +migrations: image: tag: "rc" imagePullPolicy: "Always"