fix(mojaloop/#2405): helm release v13.0.x upgrades fail after several…

… iterations Fixes for mojaloop/project#2405: - Added duplicate protection for set env vars for the mojaloop-simulator deployment descriptor. - Uncommented statically configured env vars for the mojaloop-simulator in the values.yaml and removed them from the deployment descriptor. - Removed breaking mojaloop-simulator configs from the mojaloop/values.yaml. They can still be configured if required, but rather hide configs that should be avoided. - Parch version bump to mojaloop-simulators Helm chart
mojaloop · Aug 25, 2021 · 7feed6f · 7feed6f
1 parent eeafeaa
commit 7feed6f
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 41 deletions.
diff --git a/mojaloop-simulator/Chart.yaml b/mojaloop-simulator/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
 description: "Helm Chart for the Mojaloop (SDK-based) Simulator"
 name: mojaloop-simulator
-version: 12.0.0
+version: 12.0.1
 appVersion: "sdk-scheme-adapter: v11.17.1; mojaloop-simulator: v11.4.3"
diff --git a/mojaloop-simulator/templates/deployment.yaml b/mojaloop-simulator/templates/deployment.yaml
@@ -87,26 +87,19 @@ spec:
         - name: tls-secrets
           mountPath: "/secrets/"
         env:
+        {{- if (not $config.config.schemeAdapter.env.CACHE_HOST) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: CACHE_HOST
           value: {{ printf "%s-cache" $fullName }}
+        {{- end}}
+        {{- if (not $config.config.schemeAdapter.env.BACKEND_ENDPOINT) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: BACKEND_ENDPOINT
           value: {{ printf "%s-backend:3000" $fullName }}
+        {{- end}}
+        {{- if (not $config.config.schemeAdapter.env.DFSP_ID) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: DFSP_ID
           value: {{ $name | quote }}
-        - name: IN_CA_CERT_PATH
-          value: "/secrets/inbound-cacert.pem"
-        - name: IN_SERVER_CERT_PATH
-          value: "/secrets/inbound-cert.pem"
-        - name: IN_SERVER_KEY_PATH
-          value: "/secrets/inbound-key.pem"
-        - name: OUT_CA_CERT_PATH
-          value: "/secrets/outbound-cacert.pem"
-        - name: OUT_CLIENT_CERT_PATH
-          value: "/secrets/outbound-cert.pem"
-        - name: OUT_CLIENT_KEY_PATH
-          value: "/secrets/outbound-key.pem"
-        - name: JWS_SIGNING_KEY_PATH
-          value: "/jwsSigningKey/private.key"
+        {{- end}}
+        ## Map environment values
         {{- range $k, $v := $config.config.schemeAdapter.env }}
         - name: {{ $k }}
           value: {{ $v | quote | replace "$release_name" $releaseName }}
@@ -179,12 +172,18 @@ spec:
             scheme: HTTP
         {{- end }}
         env:
+        {{- if (not $config.config.backend.env.OUTBOUND_ENDPOINT) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: OUTBOUND_ENDPOINT
           value: "http://{{ $fullName }}-scheme-adapter:{{ $config.config.schemeAdapter.env.OUTBOUND_LISTEN_PORT }}"
+        {{- end }}
+        {{- if (not $config.config.schemeAdapter.env.SCHEME_NAME) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: SCHEME_NAME
           value: {{ $fullName | quote }}
+        {{- end }}
+        {{- if (not $config.config.backend.env.DFSP_ID) }} # We only define this if it is not defined in config.schemeAdapter.env, otherwise we may have duplicate env values!
         - name: DFSP_ID
           value: {{ $name | quote }}
+        {{- end }}
         {{- range $k, $v := $config.config.backend.env }}
         - name: {{ $k }}
           value: {{ $v | quote }}

diff --git a/mojaloop-simulator/values.yaml b/mojaloop-simulator/values.yaml
@@ -306,19 +306,19 @@ defaults: &defaults
         JWS_SIGN_PUT_PARTIES: true
 
         # Path to JWS signing key (private key of THIS DFSP)
-        # JWS_SIGNING_KEY_PATH: "/jwsSigningKey.key" # do not configure- will break the chart
+        JWS_SIGNING_KEY_PATH: "/jwsSigningKey/private.key" # do not change this unless you know what you are doing - this will break the chart
         JWS_VERIFICATION_KEYS_DIRECTORY: "/jwsVerificationKeys"
 
         # Location of certs and key required for TLS. It is possible to configure these- however,
         # at the time of writing, it's not supported by this chart and will likely cause breakage.
         # You should probably not do it unless you know what you're doing.
-          # IN_CA_CERT_PATH: ./secrets/inbound-cacert.pem
-          # IN_SERVER_CERT_PATH: ./secrets/inbound-cert.pem
-          # IN_SERVER_KEY_PATH: ./secrets/inbound-key.pem
+        IN_CA_CERT_PATH: ./secrets/inbound-cacert.pem
+        IN_SERVER_CERT_PATH: ./secrets/inbound-cert.pem
+        IN_SERVER_KEY_PATH: ./secrets/inbound-key.pem
 
-          # OUT_CA_CERT_PATH: ./secrets/outbound-cacert.pem
-          # OUT_CLIENT_CERT_PATH: ./secrets/outbound-cert.pem
-          # OUT_CLIENT_KEY_PATH: ./secrets/outbound-key.pem
+        OUT_CA_CERT_PATH: ./secrets/outbound-cacert.pem
+        OUT_CLIENT_CERT_PATH: ./secrets/outbound-cert.pem
+        OUT_CLIENT_KEY_PATH: ./secrets/outbound-key.pem
 
         # The number of space characters by which to indent pretty-printed logs. If set to zero, log events
         # will each be printed on a single line.

diff --git a/mojaloop/requirements.yaml b/mojaloop/requirements.yaml
@@ -21,7 +21,7 @@ dependencies:
   repository: "file://../simulator"
   condition: simulator.enabled
 - name: mojaloop-simulator
-  version: 12.0.0
+  version: 12.0.1
   repository: "file://../mojaloop-simulator"
   condition: mojaloop-simulator.enabled
 - name: mojaloop-bulk

diff --git a/mojaloop/values.yaml b/mojaloop/values.yaml
@@ -5652,24 +5652,6 @@ mojaloop-simulator:
           # allows disabling of signing on outgoing PUT /parties/{idType}/{idValue} requests
           JWS_SIGN_PUT_PARTIES: true
 
-          # Path to JWS signing key (private key of THIS DFSP)
-          # JWS_SIGNING_KEY_PATH: "/jwsSigningKey.key" # TODO: do not configure- will break the chart
-          JWS_VERIFICATION_KEYS_DIRECTORY: "/jwsVerificationKeys"
-
-          # Location of certs and key required for TLS. It is possible to configure these- however,
-          # at the time of writing, it's not supported by this chart.
-          # IN_CA_CERT_PATH: ./secrets/inbound-cacert.pem
-          # IN_SERVER_CERT_PATH: ./secrets/inbound-cert.pem
-          # IN_SERVER_KEY_PATH: ./secrets/inbound-key.pem
-
-          # OUT_CA_CERT_PATH: ./secrets/outbound-cacert.pem
-          # OUT_CLIENT_CERT_PATH: ./secrets/outbound-cert.pem
-          # OUT_CLIENT_KEY_PATH: ./secrets/outbound-key.pem
-
-          # TEST_CA_CERT_PATH: ./secrets/test-cacert.pem
-          # TEST_CLIENT_CERT_PATH: ./secrets/test-cert.pem
-          # TEST_CLIENT_KEY_PATH: ./secrets/test-key.pem
-
           # The number of space characters by which to indent pretty-printed logs. If set to zero, log events
           # will each be printed on a single line.
           LOG_INDENT: "0"