In Memory Helm chart misses the service definition for the public data plane

[tom-rm-meyer-ISST]

Describe the bug

A Proxy Pull flow can't be performed with the helm chart. When used with ingress (also configuring the ingress to be internet facing), then the public/api endpoint returns a 503

To Reproduce

Steps to reproduce the behavior:

1. Configure your ingress as follows (additionally configure your ssi / miw config as needed)

  ingresses:
    ## Public / Internet facing Ingress
    - enabled: true
      # -- The hostname to be used to precisely map incoming traffic onto the underlying network service
      hostname: "your-hostname"
      # -- Additional ingress annotations to add
      annotations: {}
      # -- EDC endpoints exposed by this ingress resource
      endpoints:
        - protocol
        - management
        - control
        - public
        - proxy
      # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)  to use
      className: "nginx"
      # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource
      tls:
        # -- Enables TLS on the ingress resource
        enabled: true
        # -- If present overwrites the default secret name
        secretName: "secret-name"
      ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource
      certManager:
        # -- If preset enables certificate generation via cert-manager namespace scoped issuer
        issuer: ""
        # -- If preset enables certificate generation via cert-manager cluster-wide issuer
        clusterIssuer: ""

2. install the tractus-x in memory connector helm chart with the ingress definition.
3. Perform a post without auth against https:/api/public -> should return 403 but results in 503

Expected behavior

If no auth is given, 403 should happen.

Screenshots/Error Messages

If applicable, add screenshots and/or error messages to help explain your problem.

Context Information

Add any other context or information about the problem here.

• Used version: Tag 0.5.3
• OS: Linux Ubuntu 22.4.4 LTS
• Docker Version: don't know, argo cd
• java --version: don't know

Possible Implementation

You already know the root cause of the erroneous state and how to fix it? Feel free to share your thoughts.

Problem is related to template which does not provide a service definition for public port. Got it running via live manifest update on argo, but now run into a 404 problem again because /validation/token can't be found

[KilianHaag]

I assume this should be resolved by #908
Also the /validation/token issue should be resolved by #937

Sadly I can't find a chart for version > 0.5.3, which would include this fix.

Regarding the issue with /validation/token, I used the following workaround:
runtime:
endpoints:
validation:
path: /control
port: 8083
env:
WEB_HTTP_VALIDATION_PATH: '/foobar'
WEB_HTTP_VALIDATION_PORT: '8091'
EDC_DATAPLANE_TOKEN_VALIDATION_ENDPOINT: http://edc-runtime:8083/control/token

The "endpoints:" values are used for templating the ingress and path, but they need to be overridden by a free port e.g. 8091 via the 'env:' to no collide.

If you are using argoCD for deployment be aware that you might have to delete the deployment before updating.
ArgoCD sorts the env vars, which will result in an error if you have duplicates.

[github-actions]

This issue is stale because it has been open for 4 weeks with no activity.

[github-actions]

This issue was closed because it has been inactive for 14 days since being marked as stale.