diff --git a/charts/plgd-hub/README.md b/charts/plgd-hub/README.md index ec8a1633f..c452e0451 100644 --- a/charts/plgd-hub/README.md +++ b/charts/plgd-hub/README.md @@ -68,6 +68,7 @@ global: | certificateauthority.deploymentLabels | object | `{}` | Additional labels for certificate-authority deployment | | certificateauthority.domain | string | `nil` | External domain for certificate-authority. Default: api.{{ global.domain }} | | certificateauthority.enabled | bool | `true` | Enable certificate-authority service | +| certificateauthority.extraContainers | object | `{}` | Extra POD containers | | certificateauthority.extraVolumeMounts | string | `nil` | Optional extra volume mounts | | certificateauthority.extraVolumes | string | `nil` | Optional extra volumes | | certificateauthority.fullnameOverride | string | `nil` | Full name to override | @@ -81,6 +82,7 @@ global: | certificateauthority.ingress.customAnnotations | object | `{}` | Custom map of Ingress annotation | | certificateauthority.ingress.enabled | bool | `true` | Enable ingress | | certificateauthority.ingress.paths | list | `["/certificateauthority.pb.CertificateAuthority"]` | Paths | +| certificateauthority.ingress.secretName | string | `nil` | Override name of host/tls secret. If not specified, it will be generated | | certificateauthority.initContainersTpl | string | `nil` | Init containers definition | | certificateauthority.livenessProbe | string | `nil` | Liveness probe. certificate-authority doesn't have any default liveness probe | | certificateauthority.log.encoderConfig.timeEncoder | string | `"rfc3339nano"` | Time format for logs. The supported values are: "rfc3339nano", "rfc3339" | @@ -105,6 +107,9 @@ global: | certificateauthority.securityContext | string | `nil` | Security context for pod | | certificateauthority.service.annotations | object | `{}` | Annotations for certificate-authority service | | certificateauthority.service.labels | object | `{}` | Labels for certificate-authority service | +| certificateauthority.service.name | string | `"grpc"` | Name | +| certificateauthority.service.protocol | string | `"TCP"` | Protocol | +| certificateauthority.service.targetPort | string | `"grpc"` | Target port | | certificateauthority.service.type | string | `"ClusterIP"` | Service type | | certificateauthority.signer | object | `{"certFile":null,"expiresIn":"87600h","hubId":null,"keyFile":null,"validFrom":"now-1h"}` | For complete certificate-authority service configuration see [plgd/certificate-authority](https://github.com/plgd-dev/hub/tree/main/certificate-authority) | | certificateauthority.tolerations | string | `nil` | Toleration definition | @@ -163,7 +168,7 @@ global: | certmanager.internal.issuer.name | string | `nil` | Name | | certmanager.internal.issuer.spec | string | `nil` | cert-manager issuer spec | | cluster.dns | string | `"cluster.local"` | Cluster internal DNS prefix | -| coapgateway | object | `{"affinity":{},"apis":{"coap":{"authorization":{"deviceIdClaim":null,"ownerClaim":null,"providers":null},"blockwiseTransfer":{"blockSize":"1024","enabled":false},"externalAddress":"","keepAlive":{"timeout":"20s"},"maxMessageSize":262144,"messagePoolSize":1000,"ownerCacheExpiration":"1m","subscriptionBufferSize":1000,"tls":{"caPool":null,"certFile":null,"clientCertificateRequired":true,"disconnectOnExpiredCertificate":false,"enabled":true,"keyFile":null}}},"clients":{"eventBus":{"nats":{"pendingLimits":{"bytesLimit":"67108864","msgLimit":"524288"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false},"url":""}},"identityStore":{"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}},"ownerClaim":null},"resourceAggregate":{"deviceStatusExpiration":{"enabled":false,"expiresIn":"0s"},"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}}},"resourceDirectory":{"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}}}},"config":{"fileName":"service.yaml","mountPath":"/config","volume":"config"},"deploymentAnnotations":{},"deploymentLabels":{},"enabled":true,"extraVolumeMounts":{},"extraVolumes":{},"fullnameOverride":null,"hubId":null,"image":{"imagePullSecrets":{},"pullPolicy":"Always","registry":"ghcr.io/","repository":"plgd-dev/hub/coap-gateway","tag":null},"imagePullSecrets":{},"initContainersTpl":{},"livenessProbe":{},"log":{"dumpBody":false,"encoderConfig":{"timeEncoder":"rfc3339nano"},"encoding":"json","level":"info","stacktrace":{"enabled":false,"level":"warn"}},"name":"coap-gateway","nodeSelector":{},"podAnnotations":{},"podLabels":{},"podSecurityContext":{},"port":5684,"rbac":{"enabled":false,"roleBindingDefinitionTpl":null,"serviceAccountName":"coap-gateway"},"readinessProbe":{},"replicas":1,"resources":{},"restartPolicy":"Always","securityContext":{},"service":{"annotations":{},"labels":{},"nodePort":null,"type":"LoadBalancer"},"taskQueue":{"goPoolSize":1600,"maxIdleTime":"10m","size":"2097152"},"tolerations":{}}` | CoAP gateway parameters | +| coapgateway | object | `{"affinity":{},"apis":{"coap":{"authorization":{"deviceIdClaim":null,"ownerClaim":null,"providers":null},"blockwiseTransfer":{"blockSize":"1024","enabled":false},"externalAddress":"","keepAlive":{"timeout":"20s"},"maxMessageSize":262144,"messagePoolSize":1000,"ownerCacheExpiration":"1m","subscriptionBufferSize":1000,"tls":{"caPool":null,"certFile":null,"clientCertificateRequired":true,"disconnectOnExpiredCertificate":false,"enabled":true,"keyFile":null}}},"clients":{"eventBus":{"nats":{"pendingLimits":{"bytesLimit":"67108864","msgLimit":"524288"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false},"url":""}},"identityStore":{"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}},"ownerClaim":null},"resourceAggregate":{"deviceStatusExpiration":{"enabled":false,"expiresIn":"0s"},"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}}},"resourceDirectory":{"grpc":{"address":"","keepAlive":{"permitWithoutStream":true,"time":"10s","timeout":"20s"},"tls":{"caPool":null,"certFile":null,"keyFile":null,"useSystemCAPool":false}}}},"config":{"fileName":"service.yaml","mountPath":"/config","volume":"config"},"deploymentAnnotations":{},"deploymentLabels":{},"enabled":true,"extraContainers":{},"extraVolumeMounts":{},"extraVolumes":{},"fullnameOverride":null,"hubId":null,"image":{"imagePullSecrets":{},"pullPolicy":"Always","registry":"ghcr.io/","repository":"plgd-dev/hub/coap-gateway","tag":null},"imagePullSecrets":{},"initContainersTpl":{},"livenessProbe":{},"log":{"dumpBody":false,"encoderConfig":{"timeEncoder":"rfc3339nano"},"encoding":"json","level":"info","stacktrace":{"enabled":false,"level":"warn"}},"name":"coap-gateway","nodeSelector":{},"podAnnotations":{},"podLabels":{},"podSecurityContext":{},"port":5684,"rbac":{"enabled":false,"roleBindingDefinitionTpl":null,"serviceAccountName":"coap-gateway"},"readinessProbe":{},"replicas":1,"resources":{},"restartPolicy":"Always","securityContext":{},"service":{"annotations":{},"labels":{},"name":"coaps","nodePort":null,"protocol":"TCP","targetPort":"coaps","type":"LoadBalancer"},"taskQueue":{"goPoolSize":1600,"maxIdleTime":"10m","size":"2097152"},"tolerations":{}}` | CoAP gateway parameters | | coapgateway.affinity | object | `{}` | Affinity definition | | coapgateway.apis | object | `{"coap":{"authorization":{"deviceIdClaim":null,"ownerClaim":null,"providers":null},"blockwiseTransfer":{"blockSize":"1024","enabled":false},"externalAddress":"","keepAlive":{"timeout":"20s"},"maxMessageSize":262144,"messagePoolSize":1000,"ownerCacheExpiration":"1m","subscriptionBufferSize":1000,"tls":{"caPool":null,"certFile":null,"clientCertificateRequired":true,"disconnectOnExpiredCertificate":false,"enabled":true,"keyFile":null}}}` | For complete coap-gateway service configuration see [plgd/coap-gateway](https://github.com/plgd-dev/hub/tree/main/coap-gateway) | | coapgateway.apis.coap.tls.disconnectOnExpiredCertificate | bool | `false` | After the certificate expires, the connection will be disconnected | @@ -174,6 +179,7 @@ global: | coapgateway.deploymentAnnotations | object | `{}` | Additional annotations for coap-gateway deployment | | coapgateway.deploymentLabels | object | `{}` | Additional labels for coap-gateway deployment | | coapgateway.enabled | bool | `true` | Enable coap-gateway service | +| coapgateway.extraContainers | object | `{}` | Extra POD containers | | coapgateway.extraVolumeMounts | object | `{}` | Optional extra volume mounts | | coapgateway.extraVolumes | object | `{}` | Optional extra volumes | | coapgateway.fullnameOverride | string | `nil` | Full name to override | @@ -209,7 +215,10 @@ global: | coapgateway.securityContext | object | `{}` | Security context for pod | | coapgateway.service.annotations | object | `{}` | Annotations for coap-gateway service | | coapgateway.service.labels | object | `{}` | Labels for coap-gateway service | +| coapgateway.service.name | string | `"coaps"` | Name | | coapgateway.service.nodePort | string | `nil` | Use nodePort if specified | +| coapgateway.service.protocol | string | `"TCP"` | Protocol | +| coapgateway.service.targetPort | string | `"coaps"` | Target port | | coapgateway.service.type | string | `"LoadBalancer"` | Service type | | coapgateway.taskQueue | object | `{"goPoolSize":1600,"maxIdleTime":"10m","size":"2097152"}` | For complete coap-gateway service configuration see [plgd/coap-gateway](https://github.com/plgd-dev/hub/tree/main/coap-gateway) | | coapgateway.tolerations | object | `{}` | Toleration definition | @@ -234,6 +243,7 @@ global: | grpcgateway.deploymentLabels | object | `{}` | Additional labels for grpc-gateway deployment | | grpcgateway.domain | string | `nil` | External domain for grpc-gateway. Default: api.{{ global.domain }} | | grpcgateway.enabled | bool | `true` | Enable grpc-gateway service | +| grpcgateway.extraContainers | object | `{}` | Extra POD containers | | grpcgateway.extraVolumeMounts | object | `{}` | Optional extra volume mounts | | grpcgateway.extraVolumes | object | `{}` | Optional extra volumes | | grpcgateway.fullnameOverride | string | `nil` | Full name to override | @@ -247,6 +257,7 @@ global: | grpcgateway.ingress.customAnnotations | object | `{}` | Custom map of Ingress annotation | | grpcgateway.ingress.enabled | bool | `true` | Enable ingress | | grpcgateway.ingress.paths[0] | string | `"/grpcgateway.pb.GrpcGateway"` | | +| grpcgateway.ingress.secretName | string | `nil` | Override name of host/tls secret. If not specified, it will be generated | | grpcgateway.initContainersTpl | object | `{}` | Init containers definition | | grpcgateway.livenessProbe | object | `{}` | Liveness probe. grpc-gateway doesn't have any default liveness probe | | grpcgateway.log.encoderConfig.timeEncoder | string | `"rfc3339nano"` | Time format for logs. The supported values are: "rfc3339nano", "rfc3339" | @@ -270,6 +281,9 @@ global: | grpcgateway.securityContext | object | `{}` | Security context for pod | | grpcgateway.service.annotations | object | `{}` | Annotations for grpc-gateway service | | grpcgateway.service.labels | object | `{}` | Labels for grpc-gateway service | +| grpcgateway.service.name | string | `"grpc"` | Name | +| grpcgateway.service.protocol | string | `"TCP"` | Protocol | +| grpcgateway.service.targetPort | string | `"grpc"` | Target port | | grpcgateway.service.type | string | `"ClusterIP"` | Service type | | grpcgateway.tolerations | object | `{}` | Toleration definition | | httpgateway.affinity | object | `{}` | Affinity definition | @@ -283,6 +297,7 @@ global: | httpgateway.deploymentAnnotations | object | `{}` | Additional annotations for http-gateway deployment | | httpgateway.deploymentLabels | object | `{}` | Additional labels for http-gateway deployment | | httpgateway.enabled | bool | `true` | Enable http-gateway service | +| httpgateway.extraContainers | object | `{}` | Extra POD containers | | httpgateway.extraVolumeMounts | object | `{}` | Optional extra volume mounts | | httpgateway.extraVolumes | object | `{}` | Optional extra volumes | | httpgateway.fullnameOverride | string | `nil` | Full name to override | @@ -292,16 +307,18 @@ global: | httpgateway.image.repository | string | `"plgd-dev/hub/http-gateway"` | Image repository | | httpgateway.image.tag | string | `nil` | Image tag. | | httpgateway.imagePullSecrets | object | `{}` | Image pull secrets | -| httpgateway.ingress.api | object | `{"annotations":{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true","nginx.org/grpc-services":"{{ include \"plgd-hub.httpgateway.fullname\" . }}"},"customAnnotations":{},"enabled":true,"paths":["/api","/.well-known/hub-configuration"]}` | API ingress | +| httpgateway.ingress.api | object | `{"annotations":{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true","nginx.org/grpc-services":"{{ include \"plgd-hub.httpgateway.fullname\" . }}"},"customAnnotations":{},"enabled":true,"paths":["/api","/.well-known/hub-configuration"],"secretName":null}` | API ingress | | httpgateway.ingress.api.annotations | object | `{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true","nginx.org/grpc-services":"{{ include \"plgd-hub.httpgateway.fullname\" . }}"}` | Pre defined map of Ingress annotation | | httpgateway.ingress.api.customAnnotations | object | `{}` | Custom map of Ingress annotation | | httpgateway.ingress.api.enabled | bool | `true` | Enable ingress | | httpgateway.ingress.api.paths | list | `["/api","/.well-known/hub-configuration"]` | Ingress path | -| httpgateway.ingress.ui | object | `{"annotations":{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true"},"customAnnotations":{},"enabled":true,"paths":["/"]}` | UI ingress | +| httpgateway.ingress.api.secretName | string | `nil` | Override name of host/tls secret. If not specified, it will be generated | +| httpgateway.ingress.ui | object | `{"annotations":{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true"},"customAnnotations":{},"enabled":true,"paths":["/"],"secretName":null}` | UI ingress | | httpgateway.ingress.ui.annotations | object | `{"ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/backend-protocol":"HTTPS","nginx.ingress.kubernetes.io/enable-cors":"true"}` | Pre defined map of Ingress annotation | | httpgateway.ingress.ui.customAnnotations | object | `{}` | Custom map of Ingress annotation | | httpgateway.ingress.ui.enabled | bool | `true` | Enable ingress | | httpgateway.ingress.ui.paths | list | `["/"]` | Ingress path | +| httpgateway.ingress.ui.secretName | string | `nil` | Override name of host/tls secret. If not specified, it will be generated | | httpgateway.initContainersTpl | object | `{}` | Init containers definition. Render as template | | httpgateway.livenessProbe | object | `{}` | Liveness probe. http-gateway doesn't have any default liveness probe | | httpgateway.log.encoderConfig.timeEncoder | string | `"rfc3339nano"` | Time format for logs. The supported values are: "rfc3339nano", "rfc3339" | @@ -326,6 +343,9 @@ global: | httpgateway.securityContext | object | `{}` | Security context for pod | | httpgateway.service.annotations | object | `{}` | Annotations for http-gateway service | | httpgateway.service.labels | object | `{}` | Labels for http-gateway service | +| httpgateway.service.name | string | `"http"` | Name | +| httpgateway.service.protocol | string | `"TCP"` | Protocol | +| httpgateway.service.targetPort | string | `"http"` | Target port | | httpgateway.service.type | string | `"ClusterIP"` | | | httpgateway.tolerations | object | `{}` | Toleration definition | | httpgateway.ui | object | `{"directory":"/usr/local/var/www","enabled":true,"webConfiguration":{"authority":"","deviceOAuthClient":{"audience":null,"clientID":null,"providerName":null,"scopes":[]},"httpGatewayAddress":"","webOAuthClient":{"audience":"","clientID":"","scopes":[]}}}` | For complete http-gateway service configuration see [plgd/http-gateway](https://github.com/plgd-dev/hub/tree/main/http-gateway) | @@ -340,6 +360,7 @@ global: | identitystore.deploymentAnnotations | object | `{}` | Additional annotations for identity deployment | | identitystore.deploymentLabels | object | `{}` | Additional labels for identity deployment | | identitystore.enabled | bool | `true` | Enable identity service | +| identitystore.extraContainers | object | `{}` | Extra POD containers | | identitystore.extraVolumeMounts | object | `{}` | Extra volume mounts | | identitystore.extraVolumes | object | `{}` | Extra volumes | | identitystore.fullnameOverride | string | `nil` | Full name to override | @@ -372,9 +393,12 @@ global: | identitystore.resources | object | `{}` | Resources limit | | identitystore.restartPolicy | string | `"Always"` | Restart policy for pod | | identitystore.securityContext | object | `{}` | Security context for pod | -| identitystore.service | object | `{"annotations":{},"labels":{},"type":"ClusterIP"}` | Service configuration | +| identitystore.service | object | `{"annotations":{},"labels":{},"name":"grpc","protocol":"TCP","targetPort":"grpc","type":"ClusterIP"}` | Service configuration | | identitystore.service.annotations | object | `{}` | Service annotations | | identitystore.service.labels | object | `{}` | Service labels | +| identitystore.service.name | string | `"grpc"` | Name | +| identitystore.service.protocol | string | `"TCP"` | Protocol | +| identitystore.service.targetPort | string | `"grpc"` | Target port | | identitystore.service.type | string | `"ClusterIP"` | Service type | | identitystore.tolerations | object | `{}` | Toleration definition | | mockoauthserver.affinity | object | `{}` | Affinity definition | @@ -437,6 +461,9 @@ global: | mockoauthserver.securityContext | object | `{}` | | | mockoauthserver.service.annotations | object | `{}` | Annotations for mock-oauth-server service | | mockoauthserver.service.labels | object | `{}` | Labels for mock-oauth-server service | +| mockoauthserver.service.name | string | `"http"` | Name | +| mockoauthserver.service.protocol | string | `"TCP"` | Protocol | +| mockoauthserver.service.targetPort | string | `"http"` | Target port | | mockoauthserver.service.type | string | `"ClusterIP"` | | | mockoauthserver.tolerations | object | `{}` | Toleration definition | | mongodb | object | `{"arbiter":{"enabled":false},"architecture":"replicaset","auth":{"enabled":false},"customLivenessProbe":{"exec":{"command":["mongo","--disableImplicitSessions","--tls","--tlsCertificateKeyFile=/certs/cert.pem","--tlsCAFile=/certs/ca.pem","--eval","db.adminCommand('ping')"]},"failureThreshold":6,"initialDelaySeconds":30,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5},"customReadinessProbe":{"exec":{"command":["bash","-ec","TLS_OPTIONS='--tls --tlsCertificateKeyFile=/certs/cert.pem --tlsCAFile=/certs/ca.pem'\nmongo --disableImplicitSessions $TLS_OPTIONS --eval 'db.hello().isWritablePrimary || db.hello().secondary' | grep -q 'true'\n"]},"failureThreshold":6,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5},"enabled":true,"extraEnvVars":[{"name":"MONGODB_EXTRA_FLAGS","value":"--tlsMode=requireTLS --tlsCertificateKeyFile=/certs/cert.pem --tlsCAFile=/certs/ca.pem"},{"name":"MONGODB_CLIENT_EXTRA_FLAGS","value":"--tls --tlsCertificateKeyFile=/certs/cert.pem --tlsCAFile=/certs/ca.pem"}],"extraVolumeMounts":[{"mountPath":"/certs","name":"mongodb-crt"}],"extraVolumes":[{"emptyDir":{},"name":"mongodb-crt"},{"name":"mongodb-cm-crt","secret":{"secretName":"mongodb-cm-crt"}}],"fullnameOverride":"mongodb","image":{"debug":true,"net":{"port":27017}},"initContainers":[{"command":["sh","-c","/bin/bash <<'EOF'\ncat /tmp/certs/tls.crt >> /certs/cert.pem\ncat /tmp/certs/tls.key >> /certs/cert.pem\ncp /tmp/certs/ca.crt /certs/ca.pem\nEOF\n"],"image":"docker.io/bitnami/nginx:1.20.2-debian-10-r63","imagePullPolicy":"IfNotPresent","name":"convert-cm-crt","volumeMounts":[{"mountPath":"/certs","name":"mongodb-crt"},{"mountPath":"/tmp/certs","name":"mongodb-cm-crt"}]}],"livenessProbe":{"enabled":false},"persistence":{"enabled":true},"readinessProbe":{"enabled":false},"replicaCount":3,"replicaSetName":"rs0","tls":{"enabled":false}}` | External mongodb-replica dependency setup | @@ -475,6 +502,7 @@ global: | resourceaggregate.deploymentAnnotations | object | `{}` | Additional annotations for resource-aggregate deployment | | resourceaggregate.deploymentLabels | object | `{}` | Additional labels for resource-aggregate deployment | | resourceaggregate.enabled | bool | `true` | Enable resource-aggregate service | +| resourceaggregate.extraContainers | object | `{}` | Extra POD containers | | resourceaggregate.extraVolumeMounts | object | `{}` | Optional extra volume mounts | | resourceaggregate.extraVolumes | object | `{}` | Optional extra volumes | | resourceaggregate.fullnameOverride | string | `nil` | Full name to override | @@ -508,6 +536,9 @@ global: | resourceaggregate.securityContext | object | `{}` | Security context for pod | | resourceaggregate.service.annotations | object | `{}` | Annotations for resource-aggregate service | | resourceaggregate.service.labels | object | `{}` | Labels for resource-aggregate service | +| resourceaggregate.service.name | string | `"grpc"` | Name | +| resourceaggregate.service.protocol | string | `"TCP"` | Protocol | +| resourceaggregate.service.targetPort | string | `"grpc"` | Target port | | resourceaggregate.service.type | string | `"ClusterIP"` | Service type | | resourceaggregate.tolerations | object | `{}` | Toleration definition | | resourcedirectory.affinity | object | `{}` | Affinity definition | @@ -520,15 +551,16 @@ global: | resourcedirectory.deploymentAnnotations | object | `{}` | Additional annotations for resource-directory deployment | | resourcedirectory.deploymentLabels | object | `{}` | Additional labels for resource-directory deployment | | resourcedirectory.enabled | bool | `true` | Enable resource-directory service | +| resourcedirectory.extraContainers | object | `{}` | Extra POD containers | | resourcedirectory.extraVolumeMounts | object | `{}` | Optional extra volume mounts | | resourcedirectory.extraVolumes | object | `{}` | Optional extra volumes | | resourcedirectory.fullnameOverride | string | `nil` | Full name to override | | resourcedirectory.image.command | string | `nil` | Container command | -| resourcedirectory.image.imagePullSecrets | object | `{}` | Image pull secrets | +| resourcedirectory.image.imagePullSecrets | object | `{}` | | | resourcedirectory.image.pullPolicy | string | `"Always"` | Image pull policy | | resourcedirectory.image.registry | string | `"ghcr.io/"` | Image registry | | resourcedirectory.image.repository | string | `"plgd-dev/hub/resource-directory"` | Image repository | -| resourcedirectory.image.tag | string | `nil` | Image tag. | +| resourcedirectory.image.tag | string | `nil` | | | resourcedirectory.initContainersTpl | object | `{}` | Init containers definition. Resolved as template | | resourcedirectory.livenessProbe | object | `{}` | Liveness probe. resource-directory doesn't have any default liveness probe | | resourcedirectory.log | object | `{"encoderConfig":{"timeEncoder":"rfc3339nano"},"encoding":"json","level":"info","stacktrace":{"enabled":false,"level":"warn"}}` | Log section | @@ -550,13 +582,16 @@ global: | resourcedirectory.readinessProbe | object | `{}` | Readiness probe. resource-directory doesn't have aby default readiness probe | | resourcedirectory.replicas | int | `1` | Number of replicas | | resourcedirectory.resources | object | `{}` | Resources limit | -| resourcedirectory.restartPolicy | string | `"Always"` | Restart policy for pod | +| resourcedirectory.restartPolicy | string | `"Always"` | | | resourcedirectory.securityContext | object | `{}` | Security context for pod | | resourcedirectory.service.annotations | object | `{}` | Annotations for resource-directory service | | resourcedirectory.service.labels | object | `{}` | Labels for resource-directory service | +| resourcedirectory.service.name | string | `"grpc"` | Name | +| resourcedirectory.service.protocol | string | `"TCP"` | Protocol | +| resourcedirectory.service.targetPort | string | `"grpc"` | Target port | | resourcedirectory.service.type | string | `"ClusterIP"` | resource-directory service type | | resourcedirectory.tolerations | object | `{}` | Toleration definition | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.6.0](https://github.com/norwoodj/helm-docs/releases/v1.6.0) +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) diff --git a/charts/plgd-hub/templates/certificate-authority/_helpers.tpl b/charts/plgd-hub/templates/certificate-authority/_helpers.tpl index 53a666553..753b678a5 100644 --- a/charts/plgd-hub/templates/certificate-authority/_helpers.tpl +++ b/charts/plgd-hub/templates/certificate-authority/_helpers.tpl @@ -46,8 +46,12 @@ {{- end }} {{- define "plgd-hub.certificateauthority.domainCertName" -}} - {{- $fullName := include "plgd-hub.certificateauthority.fullname" . -}} - {{- printf "%s-domain-crt" $fullName -}} + {{- if .Values.certificateauthority.ingress.secretName }} + {{- printf "%s" .Values.certificateauthority.ingress.secretName -}} + {{- else }} + {{- $fullName := include "plgd-hub.certificateauthority.fullname" . -}} + {{- printf "%s-domain-crt" $fullName -}} + {{- end }} {{- end }} {{- define "plgd-hub.certificateauthority.selectorLabels" -}} diff --git a/charts/plgd-hub/templates/certificate-authority/deployment.yaml b/charts/plgd-hub/templates/certificate-authority/deployment.yaml index 28c44b66e..36bd8aa6e 100644 --- a/charts/plgd-hub/templates/certificate-authority/deployment.yaml +++ b/charts/plgd-hub/templates/certificate-authority/deployment.yaml @@ -92,6 +92,9 @@ spec: {{- with .Values.certificateauthority.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.certificateauthority.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.certificateauthority.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.resourcedirectory.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/certificate-authority/ingress.yaml b/charts/plgd-hub/templates/certificate-authority/ingress.yaml index b181c3580..267e7d1a6 100644 --- a/charts/plgd-hub/templates/certificate-authority/ingress.yaml +++ b/charts/plgd-hub/templates/certificate-authority/ingress.yaml @@ -1,6 +1,5 @@ {{- if .Values.certificateauthority.enabled }} {{- $fullname := include "plgd-hub.certificateauthority.fullname" . }} -{{- $domainCrt := include "plgd-hub.certificateauthority.domainCertName" . }} {{- $port := .Values.certificateauthority.port }} apiVersion: networking.k8s.io/v1 kind: Ingress diff --git a/charts/plgd-hub/templates/certificate-authority/service.yaml b/charts/plgd-hub/templates/certificate-authority/service.yaml index fe50cf1c5..13c64d93d 100644 --- a/charts/plgd-hub/templates/certificate-authority/service.yaml +++ b/charts/plgd-hub/templates/certificate-authority/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.certificateauthority.service.type | default "ClusterIP" }} ports: - port: {{ .Values.certificateauthority.port }} - targetPort: grpc - protocol: TCP - name: grpc + targetPort: {{ .Values.certificateauthority.service.targetPort }} + protocol: {{ .Values.certificateauthority.service.protocol }} + name: {{ .Values.certificateauthority.service.name }} selector: {{- include "plgd-hub.certificateauthority.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/coap-gateway/deployment.yaml b/charts/plgd-hub/templates/coap-gateway/deployment.yaml index d8aaad019..8d4e644cf 100644 --- a/charts/plgd-hub/templates/coap-gateway/deployment.yaml +++ b/charts/plgd-hub/templates/coap-gateway/deployment.yaml @@ -97,6 +97,9 @@ spec: mountPath: {{ printf "/secrets/%s" .name }} {{- end }} {{- end }} + {{- if .Values.coapgateway.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.coapgateway.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.coapgateway.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/coap-gateway/service.yaml b/charts/plgd-hub/templates/coap-gateway/service.yaml index 031568c85..1b16d4dff 100644 --- a/charts/plgd-hub/templates/coap-gateway/service.yaml +++ b/charts/plgd-hub/templates/coap-gateway/service.yaml @@ -20,9 +20,9 @@ spec: {{- if $.Values.coapgateway.service.nodePort }} nodePort: {{ $.Values.coapgateway.service.nodePort }} {{- end }} - targetPort: coaps - protocol: TCP - name: coaps + targetPort: {{ .Values.coapgateway.service.targetPort }} + protocol: {{ .Values.coapgateway.service.protocol }} + name: {{ .Values.coapgateway.service.name }} selector: {{- include "plgd-hub.coapgateway.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/grpc-gateway/_helpers.tpl b/charts/plgd-hub/templates/grpc-gateway/_helpers.tpl index 76977933a..5ad516b12 100644 --- a/charts/plgd-hub/templates/grpc-gateway/_helpers.tpl +++ b/charts/plgd-hub/templates/grpc-gateway/_helpers.tpl @@ -38,8 +38,12 @@ {{- end }} {{- define "plgd-hub.grpcgateway.domainCertName" -}} - {{- $fullName := include "plgd-hub.grpcgateway.fullname" . -}} - {{- printf "%s-domain-crt" $fullName -}} + {{- if .Values.grpcgateway.ingress.secretName }} + {{- printf "%s" .Values.grpcgateway.ingress.secretName -}} + {{- else }} + {{- $fullName := include "plgd-hub.grpcgateway.fullname" . -}} + {{- printf "%s-domain-crt" $fullName -}} + {{- end }} {{- end }} diff --git a/charts/plgd-hub/templates/grpc-gateway/deployment.yaml b/charts/plgd-hub/templates/grpc-gateway/deployment.yaml index ade1ace05..4ff3ed575 100644 --- a/charts/plgd-hub/templates/grpc-gateway/deployment.yaml +++ b/charts/plgd-hub/templates/grpc-gateway/deployment.yaml @@ -87,6 +87,9 @@ spec: {{- with .Values.grpcgateway.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.grpcgateway.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.grpcgateway.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.grpcgateway.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/grpc-gateway/ingress.yaml b/charts/plgd-hub/templates/grpc-gateway/ingress.yaml index 58d110cf5..b0bf77bd2 100644 --- a/charts/plgd-hub/templates/grpc-gateway/ingress.yaml +++ b/charts/plgd-hub/templates/grpc-gateway/ingress.yaml @@ -1,6 +1,5 @@ {{- if .Values.grpcgateway.enabled }} {{- $fullname := include "plgd-hub.grpcgateway.fullname" . }} -{{- $domainCrt := include "plgd-hub.grpcgateway.domainCertName" . }} {{- $port := .Values.grpcgateway.port }} apiVersion: networking.k8s.io/v1 kind: Ingress diff --git a/charts/plgd-hub/templates/grpc-gateway/service.yaml b/charts/plgd-hub/templates/grpc-gateway/service.yaml index 92d2a916b..8e9522bb0 100644 --- a/charts/plgd-hub/templates/grpc-gateway/service.yaml +++ b/charts/plgd-hub/templates/grpc-gateway/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.grpcgateway.service.type | default "ClusterIP" }} ports: - port: {{ .Values.grpcgateway.port }} - targetPort: grpc - protocol: TCP - name: grpc + targetPort: {{ .Values.grpcgateway.service.targetPort }} + protocol: {{ .Values.grpcgateway.service.protocol }} + name: {{ .Values.grpcgateway.service.name }} selector: {{- include "plgd-hub.grpcgateway.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/http-gateway/_helpers.tpl b/charts/plgd-hub/templates/http-gateway/_helpers.tpl index 841017f5e..595388a9c 100644 --- a/charts/plgd-hub/templates/http-gateway/_helpers.tpl +++ b/charts/plgd-hub/templates/http-gateway/_helpers.tpl @@ -38,9 +38,22 @@ {{- end }} -{{- define "plgd-hub.httpgateway.domainCertName" -}} +{{- define "plgd-hub.httpgateway.uiDomainSecretName" -}} + {{- if .Values.httpgateway.ingress.ui.secretName }} + {{- printf "%s" .Values.httpgateway.ingress.ui.secretName -}} + {{- else -}} {{- $fullName := include "plgd-hub.httpgateway.fullname" . -}} - {{- printf "%s-domain-crt" $fullName -}} + {{- printf "%s-ui-domain-crt" $fullName -}} + {{- end }} +{{- end }} + +{{- define "plgd-hub.httpgateway.apiDomainSecretName" -}} + {{- if .Values.httpgateway.ingress.api.secretName }} + {{- printf "%s" .Values.httpgateway.ingress.api.secretName -}} + {{- else -}} + {{- $fullName := include "plgd-hub.httpgateway.fullname" . -}} + {{- printf "%s-api-domain-crt" $fullName -}} + {{- end }} {{- end }} {{- define "plgd-hub.httpgateway.apiDomain" -}} diff --git a/charts/plgd-hub/templates/http-gateway/domain-crt.yaml b/charts/plgd-hub/templates/http-gateway/api-domain-crt.yaml similarity index 83% rename from charts/plgd-hub/templates/http-gateway/domain-crt.yaml rename to charts/plgd-hub/templates/http-gateway/api-domain-crt.yaml index b2a748126..e57197f17 100644 --- a/charts/plgd-hub/templates/http-gateway/domain-crt.yaml +++ b/charts/plgd-hub/templates/http-gateway/api-domain-crt.yaml @@ -1,5 +1,5 @@ -{{- $createServiceCert := include "plgd-hub.httpgateway.domainCertName" . }} -{{- if and $createServiceCert .Values.certmanager.enabled .Values.httpgateway.enabled (not $.Values.global.enableWildCartCert ) }} +{{- $createServiceCert := include "plgd-hub.httpgateway.apiDomainSecretName" . }} +{{- if and .Values.certmanager.enabled .Values.httpgateway.enabled .Values.httpgateway.ingress.api.enabled (not $.Values.global.enableWildCartCert ) }} apiVersion: cert-manager.io/v1 kind: Certificate metadata: @@ -24,7 +24,6 @@ spec: - client auth dnsNames: - {{ include "plgd-hub.httpgateway.apiDomain" . | quote }} - - {{ include "plgd-hub.httpgateway.uiDomain" . | quote }} duration: {{ .Values.certmanager.external.cert.duration | default .Values.certmanager.default.cert.duration }} renewBefore: {{ .Values.certmanager.external.cert.renewBefore | default .Values.certmanager.default.cert.renewBefore }} issuerRef: diff --git a/charts/plgd-hub/templates/http-gateway/api-ingress.yaml b/charts/plgd-hub/templates/http-gateway/api-ingress.yaml index 198e416b9..5e9b9370a 100644 --- a/charts/plgd-hub/templates/http-gateway/api-ingress.yaml +++ b/charts/plgd-hub/templates/http-gateway/api-ingress.yaml @@ -1,6 +1,5 @@ {{- if .Values.httpgateway.enabled }} {{- $fullname := include "plgd-hub.httpgateway.fullname" . }} -{{- $domainCrt := include "plgd-hub.httpgateway.domainCertName" . }} {{- $port := .Values.httpgateway.port }} apiVersion: networking.k8s.io/v1 kind: Ingress @@ -23,7 +22,7 @@ spec: {{- if $.Values.global.enableWildCartCert }} secretName: {{ include "plgd-hub.wildCardCertName" . | quote }} {{- else }} - secretName: {{ include "plgd-hub.httpgateway.domainCertName" . | quote }} + secretName: {{ include "plgd-hub.httpgateway.apiDomainSecretName" . | quote }} {{- end }} rules: - host: {{ include "plgd-hub.httpgateway.apiDomain" . | quote }} diff --git a/charts/plgd-hub/templates/http-gateway/deployment.yaml b/charts/plgd-hub/templates/http-gateway/deployment.yaml index 6b3ce1ceb..ba5ca46da 100644 --- a/charts/plgd-hub/templates/http-gateway/deployment.yaml +++ b/charts/plgd-hub/templates/http-gateway/deployment.yaml @@ -87,6 +87,9 @@ spec: {{- with .Values.httpgateway.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.httpgateway.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.httpgateway.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.httpgateway.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/http-gateway/service.yaml b/charts/plgd-hub/templates/http-gateway/service.yaml index 0ecc86e3b..e2ed433fa 100644 --- a/charts/plgd-hub/templates/http-gateway/service.yaml +++ b/charts/plgd-hub/templates/http-gateway/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.httpgateway.service.type | default "ClusterIP" }} ports: - port: {{ .Values.httpgateway.port }} - targetPort: http - protocol: TCP - name: http + targetPort: {{ .Values.httpgateway.service.targetPort }} + protocol: {{ .Values.httpgateway.service.protocol }} + name: {{ .Values.httpgateway.service.name }} selector: {{- include "plgd-hub.httpgateway.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/http-gateway/ui-domain-crt.yaml b/charts/plgd-hub/templates/http-gateway/ui-domain-crt.yaml new file mode 100644 index 000000000..6ad4acba3 --- /dev/null +++ b/charts/plgd-hub/templates/http-gateway/ui-domain-crt.yaml @@ -0,0 +1,33 @@ +{{- $createServiceCert := include "plgd-hub.httpgateway.uiDomainSecretName" . }} +{{- if and .Values.certmanager.enabled .Values.httpgateway.enabled .Values.httpgateway.ui.enabled .Values.httpgateway.ingress.ui.enabled (not $.Values.global.enableWildCartCert ) }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $createServiceCert }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "plgd-hub.labels" . | nindent 4 }} + {{- with .Values.certmanager.external.labels }} + {{- . | toYaml | nindent 4 }} + {{- end }} + {{- with .Values.certmanager.external.annotations }} + annotations: + {{- . | toYaml | nindent 4 }} + {{- end }} +spec: + secretName: {{ $createServiceCert }} + privateKey: + algorithm: {{ .Values.certmanager.external.cert.key.algorithm | default .Values.certmanager.default.cert.key.algorithm }} + size: {{ .Values.certmanager.external.cert.key.size | default .Values.certmanager.default.cert.key.size }} + usages: + - server auth + - client auth + dnsNames: + - {{ include "plgd-hub.httpgateway.uiDomain" . | quote }} + duration: {{ .Values.certmanager.external.cert.duration | default .Values.certmanager.default.cert.duration }} + renewBefore: {{ .Values.certmanager.external.cert.renewBefore | default .Values.certmanager.default.cert.renewBefore }} + issuerRef: + name: {{ .Values.certmanager.external.issuer.name | default .Values.certmanager.default.issuer.name }} + kind: {{ .Values.certmanager.external.issuer.kind | default .Values.certmanager.default.issuer.kind }} + group: cert-manager.io +{{- end }} diff --git a/charts/plgd-hub/templates/http-gateway/ui-ingress.yaml b/charts/plgd-hub/templates/http-gateway/ui-ingress.yaml index 4dd3b50ee..c92ebe246 100644 --- a/charts/plgd-hub/templates/http-gateway/ui-ingress.yaml +++ b/charts/plgd-hub/templates/http-gateway/ui-ingress.yaml @@ -1,6 +1,5 @@ {{- if and .Values.httpgateway.enabled .Values.httpgateway.ui.enabled }} {{- $fullname := include "plgd-hub.httpgateway.fullname" . }} -{{- $domainCrt := include "plgd-hub.httpgateway.domainCertName" . }} {{- $port := .Values.httpgateway.port }} apiVersion: networking.k8s.io/v1 kind: Ingress @@ -23,7 +22,7 @@ spec: {{- if $.Values.global.enableWildCartCert }} secretName: {{ include "plgd-hub.wildCardCertName" . | quote }} {{- else }} - secretName: {{ include "plgd-hub.httpgateway.domainCertName" . | quote }} + secretName: {{ include "plgd-hub.httpgateway.uiDomainSecretName" . | quote }} {{- end }} rules: - host: {{ include "plgd-hub.httpgateway.uiDomain" . | quote }} diff --git a/charts/plgd-hub/templates/identity-store/deployment.yaml b/charts/plgd-hub/templates/identity-store/deployment.yaml index 240527c22..dd65b4b31 100644 --- a/charts/plgd-hub/templates/identity-store/deployment.yaml +++ b/charts/plgd-hub/templates/identity-store/deployment.yaml @@ -87,6 +87,9 @@ spec: {{- with .Values.identitystore.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.identitystore.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.identitystore.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: {{- if ( include "plgd-hub.identitystore.createServiceCertByCm" . ) }} - name: service-crt diff --git a/charts/plgd-hub/templates/identity-store/service.yaml b/charts/plgd-hub/templates/identity-store/service.yaml index 697c65c65..6a0107d4a 100644 --- a/charts/plgd-hub/templates/identity-store/service.yaml +++ b/charts/plgd-hub/templates/identity-store/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.identitystore.service.type | default "ClusterIP" }} ports: - port: {{ .Values.identitystore.port }} - targetPort: grpc - protocol: TCP - name: grpc + targetPort: {{ .Values.identitystore.service.targetPort }} + protocol: {{ .Values.identitystore.service.protocol }} + name: {{ .Values.identitystore.service.name }} selector: {{- include "plgd-hub.identitystore.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/mock-oauth-server/service.yaml b/charts/plgd-hub/templates/mock-oauth-server/service.yaml index 162b77d7b..ab307d326 100644 --- a/charts/plgd-hub/templates/mock-oauth-server/service.yaml +++ b/charts/plgd-hub/templates/mock-oauth-server/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.mockoauthserver.service.type | default "ClusterIP" }} ports: - port: {{ .Values.mockoauthserver.port }} - targetPort: http - protocol: TCP - name: http + targetPort: {{ .Values.mockoauthserver.service.targetPort }} + protocol: {{ .Values.mockoauthserver.service.protocol }} + name: {{ .Values.mockoauthserver.service.name }} selector: {{- include "plgd-hub.mockoauthserver.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/resource-aggregate/deployment.yaml b/charts/plgd-hub/templates/resource-aggregate/deployment.yaml index 9b237765b..b090faa0b 100644 --- a/charts/plgd-hub/templates/resource-aggregate/deployment.yaml +++ b/charts/plgd-hub/templates/resource-aggregate/deployment.yaml @@ -87,6 +87,9 @@ spec: {{- with .Values.resourceaggregate.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.resourceaggregate.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.resourceaggregate.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.resourcedirectory.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/resource-aggregate/service.yaml b/charts/plgd-hub/templates/resource-aggregate/service.yaml index 2709bf0f5..1e0b7475b 100644 --- a/charts/plgd-hub/templates/resource-aggregate/service.yaml +++ b/charts/plgd-hub/templates/resource-aggregate/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.resourceaggregate.service.type | default "ClusterIP" }} ports: - port: {{ .Values.resourceaggregate.port }} - targetPort: grpc - protocol: TCP - name: grpc + targetPort: {{ .Values.resourceaggregate.service.targetPort }} + protocol: {{ .Values.resourceaggregate.service.protocol }} + name: {{ .Values.resourceaggregate.service.name }} selector: {{- include "plgd-hub.resourceaggregate.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/templates/resource-directory/config.yaml b/charts/plgd-hub/templates/resource-directory/config.yaml index 84ffcba94..f79783ca5 100644 --- a/charts/plgd-hub/templates/resource-directory/config.yaml +++ b/charts/plgd-hub/templates/resource-directory/config.yaml @@ -88,7 +88,7 @@ data: publicConfiguration: caPool: {{ .publicConfiguration.caPool | default "/certs/ca.crt" | quote }} {{- if not $.Values.mockoauthserver.enabled }} - authorizationServer: {{ required "resourcedirectory.publicConfiguration.authorizationServer or global.authority is required" ( .publicConfiguration.authorizationServer | default $.Values.global.authority ) | quote }} + authorizationServer: {{ required "resourcedirectory.publicConfiguration.authorizationServer or global.authority is required" ( tpl (( .publicConfiguration.authorizationServer | default $.Values.global.authority ) | default "" ) $ ) | quote }} {{- else }} authorizationServer: {{ include "plgd-hub.mockoauthserver.uri" $ | quote }} {{- end }} diff --git a/charts/plgd-hub/templates/resource-directory/deployment.yaml b/charts/plgd-hub/templates/resource-directory/deployment.yaml index 8c547df45..ada522556 100644 --- a/charts/plgd-hub/templates/resource-directory/deployment.yaml +++ b/charts/plgd-hub/templates/resource-directory/deployment.yaml @@ -87,6 +87,9 @@ spec: {{- with .Values.resourcedirectory.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.resourcedirectory.extraContainers }} + {{- include "plgd-hub.tplvalues.render" ( dict "value" .Values.resourcedirectory.extraContainers "context" $ ) | nindent 8 }} + {{- end }} volumes: - name: {{ .Values.resourcedirectory.config.volume }} configMap: diff --git a/charts/plgd-hub/templates/resource-directory/service.yaml b/charts/plgd-hub/templates/resource-directory/service.yaml index 857a9cb40..d734d02ab 100644 --- a/charts/plgd-hub/templates/resource-directory/service.yaml +++ b/charts/plgd-hub/templates/resource-directory/service.yaml @@ -17,9 +17,9 @@ spec: type: {{ .Values.resourcedirectory.service.type | default "ClusterIP" }} ports: - port: {{ .Values.resourcedirectory.port }} - targetPort: grpc - protocol: TCP - name: grpc + targetPort: {{ .Values.resourcedirectory.service.targetPort }} + protocol: {{ .Values.resourcedirectory.service.protocol }} + name: {{ .Values.resourcedirectory.service.name }} selector: {{- include "plgd-hub.resourcedirectory.selectorLabels" . | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/plgd-hub/values.yaml b/charts/plgd-hub/values.yaml index cf8f8d5b0..ef023b269 100644 --- a/charts/plgd-hub/values.yaml +++ b/charts/plgd-hub/values.yaml @@ -296,6 +296,12 @@ resourcedirectory: labels: {} # -- Annotations for resource-directory service annotations: {} + # -- Target port + targetPort: grpc + # -- Protocol + protocol: TCP + # -- Name + name: grpc # -- RBAC configuration rbac: # Create RBAC config @@ -310,6 +316,8 @@ resourcedirectory: restartPolicy: Always # -- Init containers definition. Resolved as template initContainersTpl: {} + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -501,6 +509,12 @@ resourceaggregate: labels: {} # -- Annotations for resource-aggregate service annotations: {} + # -- Target port + targetPort: grpc + # -- Protocol + protocol: TCP + # -- Name + name: grpc # -- RBAC configuration rbac: # -- Create RBAC config @@ -517,6 +531,8 @@ resourceaggregate: restartPolicy: Always # -- Init containers definition. Resolved as template initContainersTpl: {} + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -682,6 +698,12 @@ coapgateway: labels: { } # -- Annotations for coap-gateway service annotations: { } + # -- Target port + targetPort: coaps + # -- Protocol + protocol: TCP + # -- Name + name: coaps # -- RBAC configuration rbac: # -- Create RBAC config @@ -698,6 +720,8 @@ coapgateway: restartPolicy: Always # -- Init containers definition initContainersTpl: { } + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -862,6 +886,12 @@ identitystore: labels: {} # -- Service annotations annotations: {} + # -- Target port + targetPort: grpc + # -- Protocol + protocol: TCP + # -- Name + name: grpc # -- RBAC configuration rbac: # -- Enable RBAC setup @@ -878,6 +908,8 @@ identitystore: restartPolicy: Always # -- Init containers definition. Resolved as template initContainersTpl: {} + # -- Extra POD containers + extraContainers: {} # -- Identity service image section image: # -- Image registry @@ -1013,6 +1045,12 @@ httpgateway: labels: {} # -- Annotations for http-gateway service annotations: {} + # -- Target port + targetPort: http + # -- Protocol + protocol: TCP + # -- Name + name: http # -- RBAC configuration rbac: # -- Enable RBAC setup @@ -1029,6 +1067,8 @@ httpgateway: restartPolicy: Always # -- Init containers definition. Render as template initContainersTpl: {} + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -1065,6 +1105,8 @@ httpgateway: api: # -- Enable ingress enabled: true + # -- Override name of host/tls secret. If not specified, it will be generated + secretName: # -- Pre defined map of Ingress annotation annotations: nginx.org/grpc-services: "{{ include \"plgd-hub.httpgateway.fullname\" . }}" @@ -1081,6 +1123,8 @@ httpgateway: ui: # -- Enable ingress enabled: true + # -- Override name of host/tls secret. If not specified, it will be generated + secretName: # -- Pre defined map of Ingress annotation annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" @@ -1198,6 +1242,12 @@ grpcgateway: labels: {} # -- Annotations for grpc-gateway service annotations: {} + # -- Target port + targetPort: grpc + # -- Protocol + protocol: TCP + # -- Name + name: grpc # -- RBAC configuration rbac: # Enable RBAC @@ -1214,6 +1264,8 @@ grpcgateway: restartPolicy: Always # -- Init containers definition initContainersTpl: {} + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -1246,6 +1298,8 @@ grpcgateway: ingress: # -- Enable ingress enabled: true + # -- Override name of host/tls secret. If not specified, it will be generated + secretName: # -- Ingress annotations annotations: nginx.org/grpc-services: "{{ include \"plgd-hub.grpcgateway.fullname\" . }}" @@ -1254,6 +1308,7 @@ grpcgateway: nginx.ingress.kubernetes.io/enable-cors: "true" # -- Custom map of Ingress annotation customAnnotations: {} + paths: - /grpcgateway.pb.GrpcGateway # -- Service yaml configuration section @@ -1396,6 +1451,12 @@ certificateauthority: labels: {} # -- Annotations for certificate-authority service annotations: {} + # -- Target port + targetPort: grpc + # -- Protocol + protocol: TCP + # -- Name + name: grpc # -- RBAC configuration rbac: # -- Enable RBAC @@ -1412,6 +1473,8 @@ certificateauthority: restartPolicy: Always # -- Init containers definition initContainersTpl: + # -- Extra POD containers + extraContainers: {} image: # -- Image registry registry: ghcr.io/ @@ -1444,6 +1507,8 @@ certificateauthority: ingress: # -- Enable ingress enabled: true + # -- Override name of host/tls secret. If not specified, it will be generated + secretName: # -- Pre defined map of Ingress annotation annotations: nginx.org/grpc-services: "{{ include \"plgd-hub.certificateauthority.fullname\" . }}" @@ -1574,6 +1639,12 @@ mockoauthserver: labels: {} # -- Annotations for mock-oauth-server service annotations: {} + # -- Target port + targetPort: http + # -- Protocol + protocol: TCP + # -- Name + name: http securityContext: {} # -- Image pull secrets imagePullSecrets: {}